School Breach Affects 10,000Information Inappropriately Downloaded from Work Computer
Inappropriate downloading by a former employee of the Park Hill School District in Kansas City, Mo., resulted in sensitive information for more than 10,000 individuals being temporarily accessible online.
Just before leaving the district, which includes K-12 schools, a former employee downloaded all the files from their work computer onto a hard drive without consent, the district says. When the employee connected the hard drive to their home network, all the files became accessible online for a period of time.
"Unfortunately, this meant it was possible to find the files through a Google search or other sites that logged the IP address," the district says. "We know that at least one person accessed the hard drive and left the former employee a message warning that the information was available online."
The district has not determined whether that individual or others took any of the data. Exposed information includes Social Security numbers, personnel records and other records for current and former employees and students of the district.
Upon discovering the incident, the district worked with the FBI and assisted the former employee with removing the documents from the Internet. The district also worked with Google to get the information removed. Impacted individuals are being offered free identity monitoring services, the district says.
A spokesperson for the district says she's not aware of any consequences facing the former employee. "We worked with the employee to get the information," she says. "Right now we're just focusing on the people affected."
The district says it's working on updating its policies to "more clearly prohibit employees from taking information like this," and is now requiring training for every employee who has access to sensitive information.