Data housed on a North Carolina State University computer server that contained private information for about 1,800 school children from Wilson and Richmond counties was mistakenly put online, officials said Tuesday.
The data, which was gathered from 2003 to 2006 as part of a research study on classroom practices, includes names, Social Security numbers and dates of birth for students at Gardners Elementary School in Elm City, Wells Elementary School in Wilson and Ashley Chapel Elementary School in Rockingham, which has since been closed.
The state Department of Public Instruction notified N.C. State on July 25 of the data exposure after receiving a call from a parent of one of the students, officials said.
Read more on WRAL. The report does not indicate for how long the data have been exposed online? Since 2003? If not, since when? A news release from NCSU does not clarify the length of exposure issue:
Data housed on a North Carolina State University computer server that contained private information for about 1,800 school children from Richmond and Wilson counties was inadvertently made available online. The data was gathered from 2003-2006 as part of a research study on classroom practices.
The data contained names, social security numbers and dates of birth. The three affected elementary schools are: Ashley Chapel in Richmond County, and Gardners and Wells in Wilson County. The Department of Public Instruction notified NC State on July 25 of the data exposure after receiving a call from a parent of one of the students; the data was immediately removed from the NC State server.
“As soon as we learned this information was publicly available, we removed it from our servers and contacted Google to ensure removal of any saved copies,” said Marc Hoit, vice chancellor for information technology. “Our next step was to launch a forensic review of all our servers to make sure there were no other instances of inadvertent data release. Finally, there is no evidence that any of the data from the 2003 to 2006 study was used improperly, but we want to make sure parents are aware and can take additional steps to protect against the possibility of fraudulent use of identity information.”
A letter to parents provides information that includes measures that can be taken to monitor credit ratings. The university also has notified the school superintendents in Richmond and Wilson counties. Letters to parents were mailed on Monday, Aug. 8.
“Because this information was gathered several years ago, it was difficult to obtain parents’ current contact information,” Hoit said. “For example, Ashley Chapel Elementary has been closed.”
During the timeframe of the study, a small number of school systems still used social security numbers as student identification numbers. All North Carolina public schools now use randomly generated personal identification numbers provided by the state’s student information system, known as NC Wise. The university discontinued use of all social security numbers as personal identifiers in 2004.
[…]