Imagine having your sensitive healthcare conditions openly available for all student peers and faculty to see. The impact on those exposed can be devastating.
As we already know with the education sector, keeping up with best practices in security is a challenge. In the 1.4 Billion Clear Text Credentials Trove we discovered late last year, education was #1 out of the top 10 industries suffering from domain-based email exposures.
Obviously, the industry as a whole needs to improve when it comes to security. But budget and expertise is always a challenge.
While this breach was a result of what looks like a publishing mistake, it's pretty reasonable to surmise that there are a myriad of doorways leading to more sensitive data exposed. IT staff needs to think outside the box of protecting their organization's perimeter and modernize with tools that can provide immediate insight on exposed credentials, PII and PHI in order to thwart attacks on their students and staff before damage is done.
Personal records of hundreds of Melbourne high school students have been mistakenly published, sparking an investigation into an “appalling” privacy breach. The Victoria education minister, James Merlino, said his department would launch an inquiry into the breach at Strathmore secondary college. “It’s nothing short of appalling ... it’s distressing for students and their parents because it may result in embarrassment, in bullying,” he told reporters on Wednesday. “These things should not happen.” Human error was believed to be the cause of the publication of more than 300 students’ records on the school’s intranet service which, according to News Corp reports, included information about medical and mental health conditions, medications, and learning and behavioural difficulties. The records were accidentally published as late as Monday and remained online until Tuesday, the Herald Sun reported, with parents and students seeing the information.