YLE News reports:
The perpetrator of a major hacking of the City of Helsinki’s education division’s database could have accessed the personal information of all compulsory school aged children in the capital, as well as their parents or guardians, the city has revealed in a press release.
City authorities announced last week that the data breach affected about 80,000 parents and guardians, but this figure is now estimated to be 150,000. The hacker also gained access to the information of around 38,000 City employees.
“The City of Helsinki stores information on persons of compulsory school age from Helsinki, and their parents, based on the City’s duty to monitor the achievement of compulsory education,” the statement said, adding that the information was “stored on a City network drive” impacted by the breach.
Read more at YLE.
The city’s press release states, in part:
It is possible that the perpetrator has gained access to data on all persons of compulsory school age in Helsinki. The City of Helsinki stores information on persons of compulsory school age from Helsinki, and their parents, based on the City’s duty to monitor the achievement of compulsory education. This data was stored on a City network drive that was impacted by the data breach.
This set of data included the following information on learners from Helsinki born in 2005–2018 and their guardians:
- Personal IDs of the child and guardian.
- Addresses of the child and guardian (no phone numbers or email addresses). No addresses, phone numbers or email addresses of persons with a non-disclosure restriction were included.
- Native language of the child.
- Nationality of the child.
- Religious community of the child (evangelical Lutheran / orthodox / registered religious community / not part of a religious community).