AP reports: A junior high school student reportedly hacked into the email system of Gilbert Public Schools and sent inappropriate messages to other students. District officials said the Highland Junior High student got access to the teacher’s login information and emailed messages to other students over the weekend. Read more on The Arizona Republic. And the…
Intermedix data breach class action case dismissed
Linn Foster Freedman has an update to the Intermedix data breach litigation filed last year: On May 3, 2016, the parties to the suit agreed to dismiss the case with prejudice with no payment of attorneys’ fees, costs or other expenses to the other party, which means that each party is to bear its own costs….
Open records request goof exposes personal info of 36,000 Poway USD students and their parents
Yet another breach in response to an open records/freedom of information request, this one affecting 36,000 Poway Unified School District students in California. CBS reports: The privacy breach leaked information about every student in the district and it included: medical information, home addresses, nicknames, birthdates, student grades, test scores and parents’ sensitive occupations. The San Diego…
MO: After school closes its doors, personal student records remain inside, unprotected
Monica Evans reports: Former students and parents want to know why student records with personal information are sitting inside an abandoned school at 77th and Wyandotte in Kansas City, Mo. The former Bingham Junior High School building closed in 2001, but an anonymous source gave FOX 4 a box of files containing student names, social security…
AU: CabCharge Data Exposed, Still Waiting For A Response Much Like Their Customers!
RiskBased Security reports that although it notified CabCharge of a misconfigured database leaking customer information and CabCharge seems to have taken steps to secure the data, CabCharge has neither acknowledged the notification nor notified customers: …. Our lead researcher quickly contacted CabCharge.com.au to alert them to the issue. After a few hours of checking on the status of…
130 days, 1,500 notifications: Does Dutch breach rule foreshadow GDPR?
Lokke Moerel and Alex van der Wolk write: As we write this, it is now four months since the new data breach notification law in the Netherlands went into effect. Since 1 January 2016, data controllers are obliged to notify the Dutch data protection authority (DPA) and individuals if the security of personal data has been…