School Districts Stumble on Data Privacy -- THE Journal

Cybersecurity

School Districts Stumble on Data Privacy

By Dian Schaffhauser
06/15/10

Three school districts are grappling with the loss of private information on a broad scale, each through a unique set of circumstances.

One Virginia district learned that personal information about students at one of its middle schools was lost when a bag containing a thumb drive was stolen. Another discovered that it had sold as surplus several computers containing the names and Social Security numbers of employees. And a district in Massachusetts uncovered exposure of employee personal data on a public Web site for a short period.

In the case of Prince William County Public Schools in Manassas, VA, parents of students at Lake Ridge Middle School received a letter from its principal in May 2010 regarding the theft of confidential school division data. The data was maintained on a thumb drive taken off school property for the sake of emergency backup and was in a bag taken during a burglary off campus. The data included a student identification number, student name, parent/guardian name and phone numbers, and student bus number or walker status. According to the letter, additional "identifiable data" may also have been recorded.

According to the school district's Web site, Lake Ridge has about 1,180 students.

To answer parents' questions, the school held an informational meeting and provided contact information for its two assistant principals.

Roanoke City Public Schools in Roanoke, VA allowed personal information--including Social Security numbers--on about 2,000 employees to get out of its control during the sale of surplus computers. The sale of eight computers included hard drives containing names, school locations, and Social Security numbers of the division's employees as of November 2006. The district indicated it has since recovered the drives.

Quincy Public Schools in Massachusetts learned that it had posted private information about some employees, including names, home addresses, work locations, and Social Security numbers on a public Web site. The data was contained in a PowerPoint slideshow documenting proposed budget cuts, according to coverage in local newspaper, The Patriot Ledger.

In none of the cases does it appear that the school district has provided credit checking services for those potentially affected by the data breaches.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

E-Mail this page

Printable Format

Featured

Iteach Bringing AI to Teacher Curriculum via Khanmigo Partnership

Users of the iteach educator certification platform now have access to the Khanmigo AI teaching assistant at no additional cost.
Report Finds Increasing Number of Vulnerabilities in OpenVPN

OpenVPN, an open source virtual private network (VPN) system integrated into millions of routers, firmware, PCs, mobile devices and other smart devices, is leaving users open to a growing list of threats, according to a recent report from Microsoft.
Cyber Acoustics Unveils Headset for K–12 Classrooms

Edtech manufacturer Cyber Acoustics recently announced the AC-6014 USB-C Headset, designed for use in K–12 and virtual classrooms. The news comes on the heels of three recent USB-C product announcements, including two headsets with a microphone and one without.
First Global Treaty to Regulate AI Signed

The United States, United Kingdom, European Union, and several other countries have signed "The Framework Convention on Artificial Intelligence, Human Rights, Democracy, and the Rule of Law," the world's first legally binding treaty aimed at regulating the use of artificial intelligence (AI).