Establishing Digital Trust: Don't Sacrifice Security for Convenience
The Chicago Sun-Times reports that health information on approximately 2,000 Chicago Public Schools students who participated in a free vision exam program provided by the city was recently posted online by mistake (h/t DataBreaches.net).
The data, including the students' names, birthdates, genders, identification numbers, vision exam dates, diagnoses and school names, was uploaded between June 18 and July 31, 2013. A resident notified the city that the information was online on October 7, 2013.
"Upon learning of the misconfiguration, corrective steps were immediately taken to mitigate the problem and remove this information and all cached and archived versions of the data from the Internet," city spokeswoman Shannon Breymaier told the Sun-Times. "The glitch was isolated to the vision program and did not impact any other city programs."
According to Breymaier, only 14 people viewed the information online, including federal investigators. "At this time we have no reason to believe that the information has been used inappropriately," Breymaier said.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Parents are currently being notified by mail, and the city has conducted an internal investigation and instituted new security measures in response to the breach.