DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Oops – don’t forget to scrub those drivers license images!

Posted on May 6, 2015 by Dissent

On March 20, 2015, attorneys for the Central Dauphin School District in Pennsylvania notified the Maryland Attorney General’s Office of a breach involving visitors’ drivers license images.

The district has a security system that involves scanning visitors’ drivers licenses when they enter the administration building. The laptop that stored those images, which was provided by an unnamed external technology services provider, was returned to the provider on or about February 20, 2015 after being used for about two weeks.

Unfortunately, and it’s not clear to me whose responsibility this really was, it seems nobody scrubbed or securely deleted the images before the laptop was returned to the vendor or before the vendor reassigned the laptop to another client. The district’s lawyers make it sound like it may have been the vendor’s responsibility to do that.

In any event, the district learned of the breach on March 13, and the images were deleted from the laptop. Approximately 50-60 visitors had their drivers license images on the laptop, but only a sales representative from the vendor and the IT director for the other school district would have had access to the images.

You can read the notification on the Maryland Attorney General’s Office (pdf).

Category: Education SectorExposureSubcontractorU.S.

Post navigation

← Tiversa’s CEO responds to former employee’s testimony in FTC v. LabMD
Pennsylvania-based Summit Health joins ranks of those falling for phishing →

1 thought on “Oops – don’t forget to scrub those drivers license images!”

  1. Adam says:
    May 7, 2015 at 10:33 am

    It’s the responsibility of the person who bought the thing that scans licenses without thinking it through.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations
  • HHS OCR Settles HIPAA Security Rule Investigation of BayCare Health System for $800k and Corrective Action Plan
  • UK: Two NHS trusts hit by cyberattack that exploited Ivanti flaw
  • Update: ALN Medical Management’s Data Breach Total Soars to More than 1.8 Million Patients Affected
  • Russian-linked hackers target UK Defense Ministry while posing as journalists
  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them
  • Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.