Maryland Department of Education inappropriately stored the personal information of more than 1.4 million students and more than 230,000 teachers, leaving it more susceptible to interception by bad actors.
It was also found that the department had not instated “sufficient” malware protection, nor did it ensure that critical systems managed by third parties were protected against security risks.
It manages information technology systems housing student data that includes Social Security numbers and names of students and teachers.
It was determined that this information was not encrypted, despite the office’s recommendation to remediate this issue in its previous audit in March.
Source: https://edscoop.com/1-4-million-student-social-security-numbers-found-unencrypted-in-maryland/
"id": "MAR22322423",
"linkid": "mdpublicschools",
"type": "Data Leak",
"date": "07/2019",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"