Wednesday, December 25, 2024

COVID Test Data Breach at UK School

A mix-up at a school in Worcestershire, England, caused parents to receive the COVID-19 test results of other people’s children.

The data breach, reported today by the Evesham Journal, occurred at co-educational secondary school and sixth-form college The De Montfort School (TDMS) in Evesham, which is part of the Four Stones Multi Academy Trust.

After the holiday season, students returning to learning underwent asymptomatic testing for the coronavirus at TDMS on Tuesday. In a security incident ascribed to “human error,” some students’ test results were sent to the wrong guardians.

Ninth-grade student Amelia Felton was among the children affected by the data breach. Felton’s mother, Becky, learned of the security breach not through the school but via the parent of another student.

“I’m not very happy,” Becky Felton told the Evesham Journal. “It was another parent that told me she had received my daughter’s result. This is a serious breach of personal data.”

The headteacher at The De Montfort School, Ruth Allen, confirmed that the data breach had taken place while the test results were being uploaded to the school’s network. 

Allen said the incident had involved the personal data of only a small number of students. The school’s coronavirus testing process had been successful due to the cooperation of students and teaching staff.

“In line with government guidance, on Tuesday, January 4, the school facilitated asymptomatic testing for our students following the Christmas break,” said Allen.

“Testing for students was completed quickly and without fuss thanks to our excellent team of testers and the good will of our students, who now have testing down to a fine art. This meant that all students were back in face-to-face lessons on Wednesday.”

She added: “Unfortunately, whilst uploading results, a data breach occurred that affected a small number of students.”

Recommended:  A new gold standard to shield hackers acting in good faith

Allen said that the data breach has been investigated according to the regulations laid out in the Four Stones Multi Academy Trust data protection policy and that the security incident was reported to the Information Commissioner’s Office. 

The TDMS head added that the data breach was “found to be the result of a human error.”

Continue reading Cybersecurity News articles here

Bookmark
Please login to bookmarkClose
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates

explore

more

security