(update) More Student SSNs Were At Risk, TEA Says

Morgan Smith reports that a breach involving the Texas Education Agency was much worse than originally reported. Last month, the TEA reported that an unencrypted disk containing data on almost 25,000 Laredo Independent School District students had gone missing. But when the Texas Tribune obtained records about the breach, they discovered that there were data on 164,406 students who graduated from eight Texas school districts over the past two decades that had been sent via unencrypted disks.

The data were for students who graduated between 1992 and 2010 in the top 10% of their classes in the Crowley, Harlingen, Round Rock, Killeen, Richardson, Irving, Mansfield, and Grand Prairie school districts.

Between August (2010) and January (2011), the districts mailed unencrypted CDs loaded with students’ Social Security Numbers, dates of birth and ethnicity — data requested by the University of Texas at Dallas’ Education Research Center — to the TEA, with the expectation that the TEA would deidentify the records and pass them along to UT-Dallas.

[…]

A TEA spokeswoman told the Tribune today that Laredo ISD’s data set is the only one believed to be missing. The January memo says the agency has since destroyed the CDs from the eight districts whose information it did receive.

Read more in the Texas Tribune.

About the author: Dissent