A private contractor working for the Metro Nashville Public School District in Tennessee unintentionally put student and parent data on an unsecured Web server at the end of December, making it available by searching Google.
How many victims? More than 18,000.
What type of personal information? Names, Social Security numbers, addresses and birthdates and the demographic information for 6,000.
What happened? The data was posted online from Dec. 28 to March 31.
The contractor — Public Consulting Group (PCG) — removed the information from the server March 5. The information was removed from Google by March 31 at PCG’s request.
Details: PCG handles student and parent data for several Tennessee school districts, but only the Nashville city school district was affected by the breach, said department spokeswoman Rachel Woods.
What was the response? Affected individuals will receive identity theft and online credit monitoring for free. The school system is notifying affected individuals by phone.
Quote: “We take full responsibility for this incident and we formally express our sincere apology to the students and parents of Metro Nashville Public Schools,” said Stephen Skinner, principal at PCG.
Source: http://www.wsmv.com, WSMV Nashville, “Metro Students’ Personal Data Leaked,” April 8, 2009