Fox5 reports:
The personal information for 2,000 homeless D.C. students was mistakenly published online and accessible for six months, school officials said.
According to D.C. Public Schools, the accidental disclosure took place after a spreadsheet with the students’ information was provided to the D.C. Council. The spreadsheet was then posted on the council’s website.
The information included student names, birthdates, identification numbers, grade levels, attendance information, housing status and whether they qualified for special education and English Language Learner services.
D.C. Public Schools said they recently discovered that the spreadsheet was able to be accessed on the website from Feb. 5 to Aug. 9. The information was removed from the site on Aug. 9.
Read more on Fox5.
So this is the third exposure breach since 2015. And of course, there are generally no real consequences for districts that expose students’ private and/or sensitive data.
h/t, Doug Levin and @K12CyberMap