UK School Software “Capita SIMS” Bug Assigns Kids to the Wrong Parents

A bug affecting Capita school information management systems may have corrupted pupil data at thousands of schools around the country.

IT firm Capita has come clean about a bug in the software it supplies to UK schools that have been mismatching kids with the wrong families since December 2017.

According to a message sent to school administrators this week, the bug affects the Schools Information Management System (SIMS), a type of software used by UK schools to keep track of students, their grades, classes, and parent information.

The bug affects student import operations

“The problem concerns the corruption of a SIMS software matching routine for new pupils since a Capita SIMS upgrade in December 2017,” Capita wrote in its message to school administrators.

The bug doesn’t affect all students but occurs only during student data import operations. More precisely, the bug affects how SIMS processes CTF files. These are files for moving student data in bulk when children transfer between schools, or between primary and secondary school phases.

“The consequence of the corruption is that contact information for the incoming pupil, for example, address, telephone number, and email address, may have become associated with other pupil’s records, or the new pupil could themselves be linked to the wrong contact details,” Capita explains, noting that it only recently became aware of the issue.

This is a problem as a student’s school progress and other details might have been sent to the wrong family, an obvious breach of the child’s privacy.

All schools affected, but few have complained

“This is a nationwide problem that potentially can affect all school types and phases, whether your SIMS database is centrally or locally hosted,” Capita said.

At the time it sent out the message, Capita said it couldn’t tell which schools were affected, nor which students’ info had been corrupted.

On its website, Capita claimed that “only a small number of cases have been reported to our help desk,” suggesting the issue didn’t cause too many headaches to schools’ IT staffs.

The company released SIMS patch 24157 on Monday to address the issue. Some school IT staffers confirmed the patch was successful at identifying mismatched data.

According to a 2013 press release, Capita says SIMS runs on around 22,000 school networks and holds an 80% share of the UK market.

Credit: BleepingComputer

CEH Course In pune | Slink

Jai Prajapati

Jai Prajapati is a security analyst and author for Securityleaks, where he passion for covering latest happening in cybersecurity world such as malware, breaches, vulnerabilities, exploits, white-papers, hacking newsbytes, Dark Web, hacking tutorials and a few more.

Leave a Reply

Your email address will not be published. Required fields are marked *