There’s more bad news for the College Board, owner of the SAT exam: a large breach of hundreds of confidential questions from the new SAT.

In this story, Reuters reported that it had received from someone with access to the redesigned test a slew of reading and math questions that had been rewritten for students to take at various exam administrations this year. The news agency didn’t publish the questions but said this:

Just months after the College Board unveiled the new SAT this March, a person with access to material for upcoming versions of the redesigned exam provided Reuters with hundreds of confidential test items. The questions and answers include 21 reading passages — each with about a dozen questions — and about 160 math problems.
Reuters doesn’t know how widely the items have circulated. The news agency has no evidence that the material has fallen into the hands of what the College Board calls “bad actors” — groups that the organization says “will lie, cheat and steal for personal gain.” But independent testing specialists briefed on the matter said the breach represents one of the most serious security lapses that’s come to light in the history of college-admissions testing.

In response to the article, the College Board published this on its website:

The theft of unpublished test content is a serious criminal matter. The College Board and our partner ETS are responding quickly and deliberately to investigate and resolve this matter. To be clear, this stolen content has not been administered to students. Therefore, no students have or will be impacted by this theft.
As the investigation is ongoing, we are limited in what we can share. We want to assure you, our members, that we are taking the stolen test content off the SAT administration schedule while the investigation is under way.
We will continue to update our members on the progress of the investigation.

Sandra Riley, vice president of communications at the College Board, said she could not discuss the situation any further except to say this: “[One] thing I want to emphasize is that no students are affected by this. I want to avoid any confusion that would cause unnecessary anxiety among students.”

Given the level of anxiety that many students have over having to take college admissions tests in the first place, it’s hard to know how much the “confusion” will affect them. But there are real unanswered questions about what this breach — and numerous others reported overseas for years — means for the validity of the test.

Will the College Board use the questions that Reuters received? Will colleges be concerned about student scores? Will high schools that are now using the SAT for accountability purposes be concerned about the test’s validity? Can the College Board and its partners stop security breaches, once and for all?

The College Board has been dealing with major security breaches for years. Overseas, sophisticated and lucrative cheating networks thrived, in part because the College Board has in the past used questions on overseas exam forms that already have been given in the United States. This allowed test-prep companies to send compatriots to the United States to take tests and/or obtain test questions by memorizing them or obtaining them illegally, as well as by monitoring chat boards where students post questions.

SAT scores have been withheld from some students at every single SAT administration in Asia for several years, and the scores from the entire May 2013 administration of the SAT and SAT Subject tests in South Korea were canceled because of a leak of questions.

This past January, the College Board canceled the administration of the SAT at some sites in China and Macau — just hours before students were scheduled to take it — because of a security breach. At that time, Riley said in an email that the tests had been canceled at centers “where we have evidence that students could have been exposed to test materials” and that “we also have the option to hold scores for students who tested at open centers to investigate and conduct statistical analysis.”

One college counselor in Singapore, who asked not to be identified because he was not authorized by his school to speak to the press, wrote in an email:

“​The absurdity of canceling the test in China, where only those with a foreign passport can take the test, and NOT canceling it in HK, Singapore, Taiwan, Thailand, etc. … where thousands upon thousands of mainland Chinese kids actually take the test, is beyond comprehension.”

Earlier this year, Reuters published several stories about cheating on the SAT in the United States and abroad, including these findings:

* “Internal documents show that the U.S. college entrance exam has been compromised in Asia far more often than acknowledged. And the newly redesigned SAT retains a key vulnerability that the test-prep industry has exploited for years.”
* “Booklets for the redesigned exam leaked online within days of the test. The ongoing failures to secure the SAT are prompting some college officials to question the validity of exam scores.”
* “At least five times in the past three years, U.S. high school students were administered SAT tests that included questions and answers widely available online more than a year before they took the exam, a Reuters analysis shows.”

Reuters also recently published a story reporting on security issues and cheating overseas with a program called the Global Assessment Certificate, owned and administered by ACT Inc., which is recognized by scores of U.S. admissions offices. It quoted Jonnathan De La Fuente, international admissions counselor at University of Michigan-Flint, as expressing deep concern over the cheating report, given that his school gives college credit for course work from the GAC program:  “If those reports are true, we have to, as a university, look into it. I’m wondering if those grades are even legitimate.”

Bob Schaeffer, public education director of the nonprofit National Center for Fair and Open Testing, or FairTest, which advocates against the abuse and misuse of standardized tests, said the latest revelation about the new SAT breach is “huge.”

“If Reuters is accurate that their reporters were shown more than 400 previously undisclosed SAT questions, the equivalent of between three and four entire SAT forms have been breached. Unless the College Board is so naive as to believe that these items have not circulated further — highly implausible in an age of instantaneous transmission by cellphone photos, text messages, social media, and dark web sites —  there’s no excuse for ever using any of these questions in a regular test administration. That could put a pinch on the size of the SAT item pool available for the exams scheduled for the coming academic year (first scheduled administration is Saturday, Oct. 1).
There’s also the issue of where in the College Board’s test development process the breach occurred and whether that security hole has been repaired.”

Schaeffer noted that ongoing security problems with the SAT and ACT are one of the factors that have encouraged a record number of admissions offices to adopt test-optional policies over the past two years. Sixty colleges have joined the long list since spring of 2015. You can find the list here.