Virginia county school data accidentally posted online

Share this article:

An undisclosed number of Loudoun County Public Schools (LCPS) students and staffers in Virginia may have had personal information compromised after their data was accidentally posted publicly online.

How many victims? Undisclosed, but LCPS served about 60,000 students in 2013 and employs thousands of staff and faculty. 

What type of personal information? Names, addresses, telephone numbers, dates of birth, places of birth, dates of attendance and student schedules. 

What happened? Following some tests, links to the information were accidentally made available online by employees with Risk Solutions International (RSI) – a company that maintains an emergency management website for LCPS.

What was the response? The information was taken down. LCPS Department of Technology Services staff went through each link to determine its content. RSI worked with service-engine providers to remove accessed documents that were cached during the incident.

Details: The information is typically password-protected, but 1,286 links with information on all 84 LCPS schools were made available. RSI employees engaged in technical testing on Nov. 4, 2013, Dec. 19, 2013, and Dec. 24, 2013. The exact date the information was made publicly available is unknown, but LCPS was made aware of the incident on Jan. 2. Exactly how many links were viewed is unknown. The cached documents were removed as of Jan. 8.

Quote: “The website was not forcibly entered,” according to a post on the LCPS website. “The website never lost its password security.”

Source: loudoun.k12.va.us, “Further Information on Risk Solutions International Website Issues,” Jan. 8, 2014.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

POLL

More in The Data Breach Blog

Backup hard drive stolen from law firm contained personal info

Social security numbers were among the information on a backup hard drive that was stolen from an employee of Imhoff and Associates, PC.

POS malware infections at two OTTO pizzeria locations in Maine

About 900 customers at two OTTO pizzeria locations in Portland, Maine, had payment card data compromised after POS malware was discovered on terminals.

Los Angeles-based health system breached; more than 500 patients affected

Personal information on more than 500 Cedars-Sinai Health System patients was compromised after a laptop was stolen from an employee's home.