The Utah State Office of Education discovered student information was compromised over the last six years.
How many victims? At least 5,500 students from 39 school districts and charter schools were compromised.
What type of information? The transactions linked student's names, academic services received, testing data, medical services, special education and legal information.
What happened? Student Personally identifiable information was inadvertently released by local education agency (LEA) staffers as it was being uploaded to the Utah Public Finance website.
What was the response? The Utah State Office of Education worked with the LEAs to identify both systemic and individual employee errors and implement corrections to address the problems. Website administrators were contacted and removed the accessible information. The individual LEAs are contacting the students and families.
Details? Between 2009 and October 2015 the information was inadvertently uploaded to the Utah Public Finance website as part of a wider data transfer that takes place on a regular basis and that is required by Utah law. Other information was uploaded via clerical error
Quote? "We were able to identify some systemic issues that were allowing that to occur," Smith said. "To the extent there was an inadvertent disclosure, it has been corrected and is no longer occurring. And going forward, I believe each district has a process in place to avoid it repeating," Brad Smith, state superintendent of public instruction said to KSL.com.
Source: Mark Peterson, public relations director, Utah State Office of Education and KSL.com