Fired CPS Employee Charged With Stealing Database Containing Files On 70,000 People
CHICAGO (CBS) -- A former Chicago Public Schools IT worker fired from the school district's Office of Safety and Security allegedly stole personal information from tens of thousands of people whose information was contained in files that were supposed to be secure.
Kristi Sims, 28, was charged Friday with one count of aggravated computer tampering and four counts of identity theft. She was freed on bond after a court hearing Friday.
Police believe she downloaded personal files without authorization in retaliation for being fired.
Prosecutors said she was contracted by CPS as an IT specialist to work on the team of specialists hired to work on the highly-publicized background check project.
The information was stored on a cloud. When she learned she was fired, prosecutors said she accessed the cloud files remotely before CPS administrators were able to shut her out of the system.
CPS did not answer CBS 2's questions about why her access to the secure files was not immediately turned off.
The files included sensitive information from as many as 70,000 CPS employees, volunteers, and vendors. Sources said she copied the database and deleted it on Halloween. She was arrested late Halloween night after the data breach was discovered.
Digital forensics expert Matthew Feilen said the data could have been compressed into a small, portable file that could have been downloaded in just a few seconds.
"(You can) attach it to an email such as gmail or a Dropbox account," Feilen said. "It's very easy."
The Chicago teachers Union released a statement Friday expressing disbelief in the findings.
"We're troubled by yet another data breach by CPS – incredibly, this time, in the CPS Office of Safety and Security, which seems to be neither safe nor secure," said Chicago Teachers Union Vice President Stacy Davis Gates in a press release. "This latest breach suggests that CPS has put scant protections in place since their last incident – and CPS communications to our members about recourse and risks also seem insufficient at best. We're considering the best course of action to take on behalf of our members."
Former federal prosecutor Renato Mariotti weighed in on the potential implications for CPS.
"They need to figure out not just what happened, but how can we make sure this doesn't happen again, and ensure the public and people interacting with CPS and people with children, for example, at CPS that their data is safe," Mariotti said.
Sims, of Hickory Hills, was scheduled to appear in bond court Friday afternoon.
An email CPS sent Thursday to the people affected by the data breach details the personal information stolen. It includes names, employee ID numbers, phone numbers, addresses, birth dates, criminal histories and any records associating individuals with the Department of Children and Family Services.
"There is no indication the information, which was in the individual's possession for approximately 24 hours, was used or disseminated by anyone in any way," CPS stated.