Breaking News
More () »

Virginia Beach students will need to change passwords following a cybersecurity incident

The school division reached out to students, staff, and families to provide information on their new security measures.

VIRGINIA BEACH, Va. — Author's Note: The video above is on file from February 19, 2021.

Virginia Beach City Public Schools sent an email to students' families and staff on Friday following a recent cybersecurity incident in the school division.

In the email, VBCPS said some staff and students' accounts were affected and the Department of Technology has since secured all critical systems, as well as the compromised accounts. 

It is unclear what exactly happened, but the school division is now taking extra precautions to ensure it doesn't happen again. 

They are now requiring stronger passwords on students' accounts that are at least 12 characters long. 

Students will no longer be able to use common words like school mascots, school names, seasons, etc. 

The school division has deadlines in place for when all students and staff have to have their passwords changed. 

For staff with last names beginning with A through L, they must have their passwords changed by October 18. Staff with last names beginning with M through Z have a deadline of Oct. 21.

When it comes to students, the deadlines vary between elementary, middle, and high schoolers. 

Elementary students with last names beginning with A through L must change their password before November 4. the M through Z deadline is five days later on November 9.

All middle school students including those at Old Donation and JDC must change theirs before October 26. 

High schoolers, including those at Renaissance Academy, Technical & Career Ed Center and ATC must update their passwords before October 28. 

The requirements for new passwords are below:

  • Minimum password length is now 12 characters.
  • Common words are not allowed. For example: mascots, school names, seasons, etc.
  • The previous 24 passwords cannot be reused.
  • Passwords must contain three of the following four items:
    Upper case letter
    Lower case letter
    One number (for example, 0-9)
    One of these special characters (,!$%^*()_)
  • Passwords must not contain part of the account name or display name.
  • Passwords can be changed only once every two days.