95830
  • Posted by: Lucas Allen
  • 95, Logan, ON, Canada , Canada
  • On March 14, 2014, midnight
About 6,000 former high school students had personal information compromised after a staff member at the Avon Maitland District School Board transferred the files electronically. The board was alerted to the security breach, which lasted about five weeks, when a former student did a search of her own name and was able to access the information. She then contacted her old high school, said Steve Howe, manager of communications. The “student achievement file” contains a student's full name, Ontario education number, date of birth, gender, final grades assigned for courses taken, learning skills and work habit assessment scores, days absent, and whether the student has native status, an individual education plan or participated in a special education program or English as a second language. “While it shouldn't have been out there, it's not enough information, we feel, for identity theft. It's not complete enough to do anything with,” Howe said. The incident happened when a staff member was moving files around and left a digital connection open. The person didn't realize the personal information was among the files and didn't shut down the connection when the transfer was complete, Howe said. When the breach was identified, the information was shut down. The board then worked with Google to get rid of any “remnants,” Howe said. Students in all grades in the 2008-2009 year from all AMDSB high schools except Mitchell District High School were affected by the breach. “We did have forensic computer people look into it to see how many times it was accessed. There's no definitive number but it doesn't appear it generated much traffic,” Howe said. He stressed the information wasn't accessible from the board's website. The board has sent letters out to every student registered at the eight affected high schools between 2008-09 explaining the breach and apologizing. Since the letters went out there have been about 50 calls and 20 e-mails. “Mostly it was people looking for an explanation,” Howe said. Some former students will have moved on so the board will work on tracking them down if the initial letter doesn't reach them. “We have to accept responsibility and notify everyone,” he said. As a result of the incident, the board is reviewing its information security procedures and training staff to properly handle private information.
Source: www.stratfordbeaconherald.com

(0 comments)

Currently unrated

Comments

There are currently no comments


Add New Comment

required

required (not published)

optional