Central Bedfordshire Council accidentally leaked the details of 'dozens and dozens of special educational needed (SEND) pupils as a response to a Freedom of Information (FOI) request.
The request was made to the parents who are campaigning for better educational services for their children with special educational needs but the council did not redact the personal details of the children listed and published it on a public website.
The council apologized to the families affected by the data breach.
TPRM report: https://scoringcyber.rankiteo.com/company/central-bedfordshire-council
"id": "cen13617822",
"linkid": "central-bedfordshire-council",
"type": "Breach",
"date": "05/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Public Administration',
'location': 'Central Bedfordshire, United Kingdom',
'name': 'Central Bedfordshire Council',
'type': 'Local Government'}],
'attack_vector': 'Accidental Exposure',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personal Information'},
'description': 'Central Bedfordshire Council accidentally leaked the details '
'of dozens of special educational needs (SEND) pupils as a '
'response to a Freedom of Information (FOI) request. The '
'request was made by parents campaigning for better '
'educational services for their children with special '
'educational needs, but the council did not redact the '
'personal details of the children listed and published it on a '
'public website. The council apologized to the families '
'affected by the data breach.',
'impact': {'data_compromised': ['Personal Information of SEND Pupils']},
'title': 'Central Bedfordshire Council Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Improper Data Redaction'}