UK: Data breach at Greensward Academy
Information such as free school meal status, address, deprivation status, exam dispensation and special educational needs of Year 11 children at Greeensward Academy in Hockley was accidentally leaked by a teacher.
SENSITIVE information about pupils was leaked to parents and students following a data breach Data breach at Greensward Academy High School
The information was made available to Year 11 pupils and their parents via Google Classroom when a mock examinations timetable was shared by the teacher who was unaware the document also contained sensitive information.
“It’s just unacceptable for this to happen,” a parent who wished to remain anonymous said.
“Some kids might not want other kids to know these things about them, as sadly, when it comes to stuff like free school meals, they might be mocked or looked down upon.”
According to a pupil, who also wished to remain anonymous, the document was posted online on January 17 and was removed five days later.
They said: “Kids are going around saying other people are on benefits. Some of my friends are on there and they’re not comfortable that other people know their disabilities or if they are getting free meals.”
On Tuesday, a letter was sent to parents of Year 11 pupils explaining the mistake and detailing actions taken to rectify the leak.
What the Academy had to Say
Education support manager Tom Gibbs-Digby said: “At Greensward Academy, we take the security of personal data extremely seriously and work hard to ensure we work within the GDPR regulations to keep your personal data secure.”
General Data Protection Regulation (GDPR) came into law in 2018 and means individuals and establishments responsible for using personal data have to follow strict rules to keep it secure.
Mr Gibbs-Digby added: “The information was only visible to Year 11 students and their parents/carers registers with Greensward Academy and was not visible to any other outside parties, companies or organisations.
“The incident was reported immediately and has been logged with our data controller as a data breach. An investigation has taken place and the staff involved have been given training and guidance in an effort to ensure that this does not happen again.”
You may also enjoy reading, The largest DDoS to date, Microsoft mitigates a 3.47 Tbps DDoS attack
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for RiSec Weekly Cybersecurity Newsletter Today
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.