District: Middle Schooler Accessed File with Personal Information of 2,000 District Employees

A Radnor Middle School student accessed a computer file that contained the Social Security numbers, addresses and cell phone numbers of 2,000 current and former Radnor School District employees.

Radnor Middle School
Radnor Middle School
A Radnor Middle School student accessed a computer file that contained the Social Security numbers, addresses and cell phone numbers of 2,000 current and former Radnor School District employees.

According to a Nov. 25 letter from Superintendent Michael J. Kelly to current and former employees, the student was logged into the district's secure network on a student classroom computer in the middle school in May or June.

The student copied the file and emailed it to three other students, Kelly said. He said officials learned about the matter on Nov. 4.

"The file was accessible because the district was in the process of transferring data to a new financial software provider. A district employee unintentionally left the file accessible after a transferring of data," Kelly wrote.

The three students and their parents assured that the email had been deleted without being copied or forwarded.

"The district does not believe the students had any malicious intent and there is no evidence that any personal information was used inappropriately," Kelly wrote.

Among other things, the district has eliminated the ability of network users to browse the network and removed the accessed file from the network, Kelly said.
John Child December 03, 2013 at 08:25 AM
Send this Middle School Kid to Washington DC and put him/her in charge of Computer Security for the Affordable Care Act... I hear that DC could use the help.
I Lived Here for 25 Years & Finally Moved Out December 03, 2013 at 08:36 AM
Terminate the existing Middle School IT teachers and, as punishment, make this kid teach the IT classes. He/she knows plenty more than anyone a few years older :)
TedC December 04, 2013 at 12:18 PM
This is outrageous. http://radnortsd.schoolwires.com/cms/lib/PA01000218/Centricity/Domain/807/Finance%20Committee%20Minutes%206-19-12%20Accepted%208-14-12l.pdf - Shame on these folks. $43K a year for a financial solution that allows for unencrypted PCI data to be passed on a NFS. File encryption is free and easy to use (truecrypt). How was that data transferred? Did they email it? Radnor School District employees should be entitled to identity theft protection from the school district. That's 2000+ folks at approx $125. That $43K doesn't seem like such a deal now. Thanks Harris School Solutions. At a minimum the school district is required to alert credit agencies. I'd like to know if the district followed PA law. How was the breach disclosed? Did a parent come forward. That means they can't really say how many times the file was access or where it went. Also it seems that the implementation is taking considerably longer than the projected June 2013 date. How much is that costing. Good we have a budget surplus. Here's the law RSD. http://weblinks.westlaw.com/result/default.aspx?cite=UUID%28N9E0F06908C-5311DA94379-7541B5FDE35%29&db=1000262&findtype=VQ&fn=_top&pbc=DA010192&rlt=CLID_FQRLT2130481011412&rp=%2FSearch%2Fdefault%2Ewl&rs=WEBL13%2E10&service=Find&spa=pac-1000&sr=TC&vr=2%2E0
SAM SMITH December 04, 2013 at 03:27 PM
How do we know the files didn't go anywhere else? Police apparently didn't investigate, so how would we REALLY know who else has these files? Parents and kids will "say" anything to protect themselves, and without positive forensic proof, we just really don't know. Lets talk about really finding out that bit of information, shall we please NEW BOARD MEMBERS?????


More »
Got a question? Something on your mind? Talk to your community, directly.
Note Article
Just a short thought to get the word out quickly about anything in your neighborhood.
Share something with your neighbors.What's on your mind?What's on your mind?Make an announcement, speak your mind, or sell somethingPost something
See more »