DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Oops – don’t forget to scrub those drivers license images!

Posted on May 6, 2015 by Dissent

On March 20, 2015, attorneys for the Central Dauphin School District in Pennsylvania notified the Maryland Attorney General’s Office of a breach involving visitors’ drivers license images.

The district has a security system that involves scanning visitors’ drivers licenses when they enter the administration building. The laptop that stored those images, which was provided by an unnamed external technology services provider, was returned to the provider on or about February 20, 2015 after being used for about two weeks.

Unfortunately, and it’s not clear to me whose responsibility this really was, it seems nobody scrubbed or securely deleted the images before the laptop was returned to the vendor or before the vendor reassigned the laptop to another client. The district’s lawyers make it sound like it may have been the vendor’s responsibility to do that.

In any event, the district learned of the breach on March 13, and the images were deleted from the laptop. Approximately 50-60 visitors had their drivers license images on the laptop, but only a sales representative from the vendor and the IT director for the other school district would have had access to the images.

You can read the notification on the Maryland Attorney General’s Office (pdf).

Category: Education SectorExposureSubcontractorU.S.

Post navigation

← Tiversa’s CEO responds to former employee’s testimony in FTC v. LabMD
Pennsylvania-based Summit Health joins ranks of those falling for phishing →

1 thought on “Oops – don’t forget to scrub those drivers license images!”

  1. Adam says:
    May 7, 2015 at 10:33 am

    It’s the responsibility of the person who bought the thing that scans licenses without thinking it through.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
  • Georgia hospital defeats data-tracking lawsuit
  • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked
  • UK: Legal Aid Agency hit by cyber security incident
  • Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
  • PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway (3)
  • Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
  • Call for Public Input: Essential Cybersecurity Protections for K-12 Schools (2025-26 SY)
  • Cyberattack puts healthcare on hold for hundreds in St. Louis metro
  • Europol: DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim
  • Privacy matters to Canadians – Privacy Commissioner of Canada marks Privacy Awareness Week with release of latest survey results
  • Missouri Clinic Must Give State AG Minor Trans Care Information
  • Georgia hospital defeats data-tracking lawsuit
  • No Postal Service Data Sharing to Deport Immigrants
  • DOGE aims to pool federal data, putting personal information at risk
  • Privacy concerns swirl around HHS plan to build Medicare, Medicaid database on autism

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.