New York City’s Department of Education accidentally sent an email that exposed 439 paraprofessionals' information.
The Department of Education exposed exactly 439 names, first, last names, and Social Security numbers.
They took immediate steps and offered identity theft protection.
DOE revived its policies to ensure this does not happen again.
Source: https://www.databreaches.net/nyc-dept-of-education-email-gaffe-exposes-439-paraprofessionals-ssn/
TPRM report: https://scoringcyber.rankiteo.com/company/nyc-department-of-education
"id": "nyc2427622",
"linkid": "nyc-department-of-education",
"type": "Breach",
"date": "02/2017",
"severity": "65",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Education',
'location': 'New York City',
'name': 'New York City’s Department of Education',
'type': 'Government'}],
'attack_vector': 'Email',
'data_breach': {'number_of_records_exposed': 439,
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers']},
'description': 'New York City’s Department of Education accidentally sent an '
"email that exposed 439 paraprofessionals' information, "
'including names and Social Security numbers.',
'impact': {'data_compromised': ['Names', 'Social Security numbers'],
'identity_theft_risk': 'High'},
'lessons_learned': 'Revised policies to ensure this does not happen again',
'post_incident_analysis': {'corrective_actions': 'Revised policies',
'root_causes': 'Human Error'},
'response': {'containment_measures': 'Immediate steps taken to address the '
'issue',
'remediation_measures': 'Offered identity theft protection'},
'title': 'New York City’s Department of Education Data Exposure Incident',
'type': 'Data Breach',
'vulnerability_exploited': 'Human Error'}