[BreachExchange] Breach exposed Dallas student, parent, teacher personal data
Sophia Kingsbury
sophia.kingsbury at riskbasedsecurity.com
Fri Sep 3 08:36:24 EDT 2021
https://www.startribune.com/breach-exposed-dallas-student-parent-teacher-personal-data/600093432/?refresh=true
A data breach at the Dallas public school system earlier this month exposed
the personal information of students, parents, teachers and staff dating to
2010, system officials revealed Thursday.
In statements posted to its website Thursday, the Dallas Independent School
District said it learned of the breach on Aug. 8. Since then, the district
says it has been investigating and working to contain the exposure before
making it public.
According to the website statements, an unauthorized third party downloaded
the data and stored it temporarily on an encrypted cloud storage site.
Social Security numbers, birth dates, contact information and grades were
among the data exposed.
The district said it had not received any reports of fraud or identity
theft due to the data breach. It planned to open a hotline Friday to answer
questions of those affected and help them set up credit monitoring.
The district is the second-largest in Texas, ranking behind only the
Houston Independent School District. The Dallas district employs 22,222
staff members and enrolled 153,861 students in 230 schools, according to
its website.
The breach was the latest information technology breakdown reported by a
Dallas governmental entity. Dallas County prosecutors learned recently that
a city information technician inadvertently deleted 22 terabytes of crime
data.
Technicians recovered 14 terabytes. At first, that left officials with
about 7.5 terabytes likely lost forever. However, an audit found an
additional 15 terabytes of police data missing.
According to a police department statement, the lost data included images,
video, audio, case notes and other information gathered by police officers
and detectives. A city IT employee was migrating the files, which had not
been accessed for the previous six to 18 months, from an online,
cloud-based archive to a server at the city's data center. The city
ultimately fired the employee.
At least one murder trial has been postponed indefinitely and the suspect
was released on bond because of lost data.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210903/81095c52/attachment.html>
More information about the BreachExchange
mailing list