The following is cross-posted from PogoWasRight.org: For Data Privacy Day 2013 on January 28, I’ve tried to compile a list of questions parents should ask their child’s school district about how their child’s personal information is protected. Send your letter to your district’s Superintendent with a cc: to your district’s Board of Education: Dear ________:…
Category: Commentaries and Analyses
Minnesota resident sues state agency and employee over breach involving driver’s license database
A Minnesota resident, Jeffrey Ness, has filed a potential class action lawsuit against the state’s Department of Natural Resources (DNR) and Department of Public Safety after a DNR employee exceeded authorized access and accessed about 5,000 residents’ driver’s license information. The employee was terminated but the motive for the improper access was not disclosed. In the lawsuit filed…
E-number spreadsheet with Eastern Illinois University student data leaked
Chacour Koop reports: The grade point averages of 430 students were released to 65 students about two and a half weeks ago, which is a violation of the Family Education Rights and Privacy Act (FERPA). Robert Miller, Eastern’s general counsel, has refused to comment on the violations. Sue Harvey, Eastern’s registrar and FERPA officer, has…
HK: School websites compromised data privacy
Here’s something you likely won’t see here in the U.S. – partly because we don’t have a Privacy Commissioner and partly because the U.S. Department of Education remains disturbingly placid about all the breaches in the education sector – the government of Hong Kong issued the following statement: The Office of the Privacy Commissioner for…
On the wall of shame, SCDOR’s breach should rank embarrassingly high
Embarrassing reminders about the South Carolina Department of Revenue (SCDOR) breach continue. The Associated Press reports on testimony in yesterday’s hearing by the state’s House oversight panel: Revenue has been criticized for not using the state information technology division’s computer monitoring services — which are offered but not required — before the hacking. While the…
Global Payments revises total breach cost estimates upwards, but wait until you see what *didn’t* cost them
In September, I posted Global Payments’ statement from their quarterly filing that dealt with the costs of a breach disclosed in March 2012. BankInfoSecurity.com has just reported on their most recent filing. Whereas last year, Global Payments estimated the cost of the breach at about $84 million, their current 10-Q filing puts the cost of the…