Joseph Cox reports:
Front Rush, a technology company that provides services to college athletics programs, exposed a server containing more than 700,000 files to the open internet, including college athletes’ medical records, performance reports, driver licenses, and other personal information.
Front Rush works with over 30,000 coaches and 9,500 teams according to its website. The company confirmed the data exposure in a statement.
Read more on Vice.
FrontRush did not respond to an inquiry from DataBreaches.net asking its status with respect to its educational institution clients — whether it was covered at all by FERPA, HIPAA or GLBA, given the types of data it was collecting.
DataBreaches.net would not be surprised if the firm said they were not covered by any of those federal laws, but then, what protects all that student information? Just state laws?
DataBreaches.net will update this post if a response is received from them.