Education Sector

Penn State reports second breach in 2009

Penn State does not seem to be having a great year in terms of data security and malware. Indeed, when I saw the newest incident in my newsreader, I skipped it at first, thinking it was a previously reported breach, but it’s not. On March 23, the University confirmed that 10,868 Social Security numbers...

CT: Glitch Leads to Campus Gmail Vulnerability

Seen on The Wesleyan Argus: When Information Technology Services (ITS) switched Wesleyan’s e-mail to Gmail in January of this year, students were able to log into other students’ e-mails for about a month by typing in a username and leaving the password field blank. This glitch has been but one of a multitude of...

City of Lawrence to pay for credit monitoring for snooping victims

Jill Harmacinski of The Eagle-Tribune reports that the city of Lawrence (Massachusetts) will be paying for free credit reports for more than 400 people subjected to questionable background checks by the School Department. Officials are now trying to figure out how many of the more than 400 background checks were actually legitimate checks for...

Personal info of 18,000 Nashville students exposed on the web (updated)

The Associated Press reports that the Tennessee Department of Education has announced that a private contractor, Public Consulting Group, accidentally exposed personal information of more than 18,000 Nashville public school students and 6,000 of their parents on the web from December 28 through March 31, when the problem was discovered by a parent. Information...

NZ: Privacy authority joins inquiry

Janine Rankin reports: The Privacy Commission will investigate how schools released schoolgirls’ contact details as part of the HPV (human papilloma virus) vaccination programme. The programme’s planned to continue next year to reach another three year groups, and in future will be routine for Year 8s. Assistant privacy commissioner Katrine Evans said getting the...

Ohio University Closes Door on Breach Saga With $90,000 Settlement

Steve Kolowich reports: Ohio University has settled a lawsuit with two former information-technology administrators, paying them a total of $90,000 because the university improperly failed to disclose some records related to an investigation of a data breach three years ago. Thus concludes a saga fraught with litigation, finger-pointing, and the perils of technology. Read...

UK: Stolen laptop contains pupils’ data

Brian Gomm reports that a computer stolen from Progress House, the main offices of Wigan Council’s Children and Young People’s Services, contained names, dates of birth, postcodes, ethnicity and, details of any special educational needs or eligibility for free school meals. The database on the password-protected laptop is thought to contain information on up...

NZ: Massey University Experiences Serious Breach Of Security

The Massey University intranet system utilised by students from all across New Zealand, MyMassey, is under scrutiny after a severe breach of security left thousands of students able to access other people’s highly sensitive information. Rawa Karetai, President of the Albany Students’ Association, was one of the first students to notice this critical error:...