Jul 182014
 

More details on this breach:

The Oakland Unified School District abandoned its dilapidated headquarters in January 2013 after a janitor left a faucet on overnight and flooded the building. Educators departed and the homeless moved in, but no one bothered to remove or secure records that were scattered throughout the building.

The folly of that oversight became apparent this month when district officials revealed that five employees have been victims of identity theft and notified all employees (pdf) that their personal information may have been compromised.

Read more on AllGov.

Jul 172014
 

John Thompson reports:

The Elizabethton City School System accidentally released personal information on all the system’s students on Tuesday. Superintendent Ed Alexander said the information was not further distributed.

Alexander said the information release was an internal mistake and there was no hacking.

“An official inadvertently hit the wrong button,” Alexander said. “All the report cards are now secure and we have changed our procedure to require two employees to be involved in the sending of confidential information.”

Alexander said the mistake happened when a parent of a T.A.. Dugger Jr. High School student wanted to obtain a copy of the student’s report card. Alexander said an employee who was not at the school agreed to provide a copy to the parent.

The parent was emailed a computer file that the parent discovered contained the grades, other educational records and biographical information on all students of the school system.

[...]

The Johnson City School System faced a similar situation in February when the wrong personal information cards were inadvertently sent home with Woodland Elementary School students. Debra Bentley, the system’s supervisor of instruction and communication, said some students in six classes at Woodland were sent home with the wrong emergency cards, which can include students’ addresses, home telephone numbers and Social Security numbers.

Read more on Johnson City Press.

Jul 162014
 

Julie Ball reports:

Buncombe County school officials have alerted more than 170 employees after an envelope containing checks with their names and Social Security numbers was stolen and some of the checks were cashed.

The checks were mailed in March to ING, the financial services company, as contributions to supplemental retirement plans. Some employees contribute to what are known as 403(b) annuities.

Read more on Citizen-Times.

Jul 162014
 

Charlie Crossdale reports:

Data containing details on children who have attended a primary school over the past decade has been lost.

Ysgol Sant Dunawd in Bangor-on-Dee near Wrexham is appealing to parents of pupils, past and present, to get in touch over the potential loss of data, after a backup device containing the Schools’ Information Management System (SIMS) database went missing.

The device, which the school claim is ‘highly likely’ to still be on the premises, contains personal information of pupils and parents, and includes some details of card transactions from parents or guardians for school trips and cheque payments.

Read more on News North Wales.

Jul 162014
 

9News reports:

A stolen laptop containing sensitive data has caused a security breach for Douglas County Schools.

The district sent a letter to all of its employees recently stating the stolen computer contained some workers’ Social Security numbers and bank account information.

Read more on 9News.

And where was this laptop at the time of the theft? And why weren’t the data or the drive encrypted?