DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

E-mail failure-to-bcc error exposes U. Alabama students’ failing grades to each other

Posted on November 2, 2011 by Dissent

Taylor Holland reports:

Students who had at least one failing midterm grade during the Fall 2011 semester received an email on Oct. 26 from the office of Lowell Davis, the assistant dean of students, notifying them of their grade and potential ways to improve it.

Students who received the email were not blind copied in it, however, and were able to see the email addresses of other failing students.

[…]

Adam Goldstein, an attorney advocate with the Student Press Law Center, said if the mass email was an accident, it might not be a violation of FERPA.

“There’s one thing that makes this not a FERPA violation,” Goldstein said. “FERPA doesn’t prevent disclosure [of educational information]. It prevents a policy or practice of doing it.”

However, Goldstein said students do have common law or state-based law privacy rights. Public disclosure of private or embarrassing facts could violate those rights, but it might be hard for students to show they were damaged by the release of this information, Goldstein said.
“Everyone generally recognizes you have a right to privacy in your grades,” he said. “It’s another reason why FERPA is kind of a joke. It doesn’t prevent incidents like this. You can never be stupid enough to violate FERPA.”

Read more on The Crimson White.

Related posts:

  • BUSTED? A blackhat’s revenge exposes a 2-year old patient data hack that Holland Eye Surgery & Laser Center failed to disclose
  • FERPA does not require data breach disclosure
  • MI: Holland Eye Surgery & Laser Center notifies 42,200 patients about 2016 hack
Category: Breach IncidentsEducation SectorExposureU.S.

Post navigation

← Aaron’s operations computer stolen during burglary, contained customers’ Social Security numbers
Study finds many turn to lawsuits following a data breach →

4 thoughts on “E-mail failure-to-bcc error exposes U. Alabama students’ failing grades to each other”

  1. Bill says:
    November 3, 2011 at 6:36 pm

    Dr davis is the same administrator, reported by the cw, who took an unapproved community service team to Pasadena during the bcd national championship and his expenses were paid for by the university. Why does the university administration continue forgive his mistakes.

    1. admin says:
      November 4, 2011 at 9:26 pm

      What is somewhat stunning to me is that I am not seeing mainstream media coverage of this breach. If the student newspaper hadn’t reported it, I wouldn’t have known about it to cover it here.

  2. WILLIAM F says:
    November 4, 2011 at 3:51 pm

    If some say Mr Davis just made a mistake and should be forgiven, the same should apply to the students. After all they didn’t mean to fail, they just made a mistake. Give all of them an A or at least a passing grade.

  3. RachaelK says:
    November 4, 2011 at 8:46 pm

    As a parent this concerns me. professor Davis should be dealt with

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach
  • Hackers breach Norwegian dam, open valve at full capacity

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.