MN: Mahtomedi Middle School student breaches district data
Sara Marie Moore reports on a so-easy-a-child-could-do-it-oh-look-a-child-did-do-it breach:
A Mahtomedi Middle School student breached student data earlier this fall when a teacher was logged into a computer.
The student accessed 3,300 student ID numbers, 215 test scores, 11 individualized education plan (IEP) sheets and 18 other student education plans, said Patrick Crothers, technology coordinator. The breach extended beyond the middle school to students in all grades. The student was not able to change any data. He showed the data to one other student and is no longer in possession of the data.
Read more on White Bear Press.
Teachers – like nursing staff and other industries – will login and walk away or stay logged in, unless you deploy technological solutions that automatically logs them out after X minutes of inactivity. Why not assume good intentions on the part of teachers but also deploy protections so that if they forget or get distracted, data are still protected.
On a positive note, it sounds like the school district did not try to frame the student as a hardened felon. Hopefully by responding constructively to his conduct, they will form an alliance with him that will benefit him in the future.