Buckingham County Public Schools in Virginia has sent notifications to parents of 86 students after a compromise of a district’s business email account.
The incident occurred on June 20. Information in the email account included the student’s name “coupled with a limited amount of health or medical diagnostic and treatment information, and/or address. Examples typical of medical information
in the email account include immunization records, information that BCPS instructors use to facilitate a safe and productive learning environment for all students (e.g. notice of student allergies), and parents, students, and teachers reporting absences for doctor’s appointments or illness.”
The parents were offered identity theft protection for the student for one year via Experian. BCPS was not able to determine if any information in the email account was actually removed during the incident.