Virginia county school data accidentally posted online

Share this article:

An undisclosed number of Loudoun County Public Schools (LCPS) students and staffers in Virginia may have had personal information compromised after their data was accidentally posted publicly online.

How many victims? Undisclosed, but LCPS served about 60,000 students in 2013 and employs thousands of staff and faculty. 

What type of personal information? Names, addresses, telephone numbers, dates of birth, places of birth, dates of attendance and student schedules. 

What happened? Following some tests, links to the information were accidentally made available online by employees with Risk Solutions International (RSI) – a company that maintains an emergency management website for LCPS.

What was the response? The information was taken down. LCPS Department of Technology Services staff went through each link to determine its content. RSI worked with service-engine providers to remove accessed documents that were cached during the incident.

Details: The information is typically password-protected, but 1,286 links with information on all 84 LCPS schools were made available. RSI employees engaged in technical testing on Nov. 4, 2013, Dec. 19, 2013, and Dec. 24, 2013. The exact date the information was made publicly available is unknown, but LCPS was made aware of the incident on Jan. 2. Exactly how many links were viewed is unknown. The cached documents were removed as of Jan. 8.

Quote: “The website was not forcibly entered,” according to a post on the LCPS website. “The website never lost its password security.”

Source:, “Further Information on Risk Solutions International Website Issues,” Jan. 8, 2014.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters



More in The Data Breach Blog

Malware on Breyer Horses website for about 18 months, payment card data ...

Malware installed on the computer server hosting the Breyer Horses website may have compromised personal information for people who made purchases between March 31, 2013 and Oct. 6.

Transcript website flaw exposed personal data on 98k users expose users' names, addresses and dates of birth, among other information, due to a site flaw that one user discovered.

Sourcebooks payment card breach impacts more than 5,000 customers

More than 5,000 customers had personal information stolen, but roughly 9,000 notification letters were sent out as a precautionary measure.