Texas Association of School Boards data breach exposed thousands of teachers’ SSNs

Michelle Pedraza reports:

Last week Laredo ISD employees were notified that there was a security breach involving very important information about its employees.

As of right now, the district is not sure when the breach happened, but they know that the names and social security numbers of some LISD’s employees were made public on a website by the Texas Association of School boards.

LISD says that other school district’s that were affected have been notified and TASB will be sending a letter to every employee that was affected.

Read more on KGNS.

The Corpus Christi Caller-Times had reported this same incident on June 21, although it seems to have flown under a lot of media radar so far. The Caller-Times reported:

Some Corpus Christi Independent School District employee names and Social Security numbers from late 2016 through early 2017 were inadvertently made visible online, a district news release states.

The Texas Association of School Boards notified the Corpus Christi ISD of the incident, which was discovered May 22.

“All employee information has been taken down,” a district news release states.

The school board association, which administers a group unemployment compensation program for Texas school districts, reports there is no evidence that the personal information was accessed or used in any way, the release states.

On June 21, Alief School District also notified its employees. Their notification included an FAQ with the following information:

On May 22, 2017, the Texas Association of School Boards (TASB) learned that some personal information of employees (name and social security number) inadvertently became visible to the public on the internet. TASB immediately secured the information and engaged Kroll Cyber Security, a leading computer forensics firm, to conduct an investigation.

When did this happen?

We don’t know exactly when the data became visible, but TASB learned about it on May 22, 2017, and took immediate action to remedy the situation, securing the information.

I’m not finding anything on TASB’s web site yet that would indicate the total number of school district employees affected by the breach, nor any explanation as to how the inadvertent exposure occurred or when it first occurred.   This post will be updated if and when more details become available.

About the author: Dissent