If there is a Keystone Cops equivalent of a k-12 data breach, a recent incident involving Chicago Public Schools may be a strong contender. Last week, this site noted a breach that seemed puzzling in its description. Since that time, some informed parents have reached out to me to provide me with more details about…
Category: Exposure
Two El Paso County Sheriff’s employees claim county should pay them $400k for accidental leak of their personnel info.
We’ve seen mistakes made in responding to public records requests that result in people’s personnel information or identity information being improperly released. But if there’s a mistake, and the receiving party is a journalist who agrees NOT to use the information and who destroys the data, should those whose data were revealed be entitled to…
Details of 15,000 Orange users hacked
Alan Hope reports: Telecommunications company Orange has admitted that a “data leak” exposed the personal information of some 15,000 customers in Belgium to possible hackers. The leak took place two weeks ago, but was only this week revealed to the clients affected. Orange did not reveal exactly what details had been leaked, but the possibilities…
Chicago Public Schools error exposed more than 3,700 students’ and families’ data
David Struett reports: Chicago Public Schools apologized Friday evening for a mass email accidentally linking to the private data of thousands of students and families. […] Families were sent an email Friday evening from CPS’s Office of Access and Enrollment inviting them to submit supplemental applications to selective enrollment schools. Attached at the bottom of…
UK: Gloucestershire Police fined for revealing identities of abuse victims in bcc email gaffe
The Information Commissioner’s Office has really been busy handing out fines. Have you seen any monetary penalties imposed by regulators on police departments here in the U.S.? No, you haven’t, right? Gloucestershire Police has been fined £80,000 by the Information Commissioner’s Office (ICO) after sending a bulk email that identified victims of non-recent child abuse….
French Data Protection Authority Imposes a Record 250,000 € Fine to Optical Center for a Security Breach on its Website
Catherine Muyl and Marion Cavalier of Foley Hoag write: On June 7, 2018, the French Data Protection Authority (the CNIL) published a decision (issued one month earlier) in which it imposed a record 250,000 euros fine on Optical Center (which, although its name does not indicate, is a French company) for having insufficiently secured the…