NASHVILLE – The Tennessee Department of Education announced today that a private contractor inadvertently disclosed the personal information of more than 18,000 Metro Nashville Public Schools students and 6,000 parents during a data migration in Metro’s student data management system. This information was placed by Public Consulting Group, the contract vendor for this data file, unintentionally on an unsecured web server on December 28, 2008.
“It is critical that every child and parent know that this data has been removed and the potential for any misuse appears limited,” Education Commissioner Timothy Webb said. “The state Department has worked quickly with PCG and Metro Schools to correct the breach and develop a good plan to protect these families going forward.”
Students’ name, address, date of birth and full Social Security number was available through Google searches beginning Dec. 28, 2008. Parent demographic information was released. Upon discovering the information, PCG removed it from public access March 5. All information was removed from Google’s storage severs by March 31 at the request of PCG.
All parties involved are working together to ensure such actions do not occur in the future. Safeguards are also being implemented immediately to protect the affected students and parents. These measures include:
PCG will provide identity theft and online credit monitoring to every family and individual affected at no cost. The monitoring will be provided through Experian; Metro parents will receive notification of the breach via Metro Schools’ automated call center. The automated call will provide parents with details about the incident and remedies being provided; Letters will be mailed to affected families in the next several days notifying them of the breach. Those letters will provide additional instructions and information regarding credit protection.... read the rest of the story by Subscribing now.