student-medical-records-exposed-after-lausd-breach

Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

Student Medical Records Exposed After LAUSD Breach

On Feb. 22, the education news site The 74 Million revealed that the hacking group Vice Society had posted hundreds, if not thousands, of psychological evaluations of special education students in the Los Angeles Unified School District (LAUSD).

The leaked information reportedly includes personal information like names, diagnoses, family immigration status, and allegations of physical and sexual abuse.

Since The 74’s story, the official @LASchools Twitter account has sent messages about Dream Act applications, Anti-Bullying Day, and Eva Longoria. The account of LAUSD Superintendent Alberto Carvalho has tweeted about school building improvements, Narcan, and a new Portuguese language center. The LAUSD website has not posted updates on the breach, first reported over Labor Day weekend in 2022, since Sept. 30.

Subsequent news stories refer to a written statement from IT infrastructure senior administrator Jack Kelanic, which was distributed upon individual request and not posted to the district site or Twitter. About Kelanic’s statement, the Los Angeles Daily Mail wrote, “The 500 psychological evaluation forms analyzed by The 74 were primarily from former students born in the late 1980s and 1990s. Kelanic also said that 60 of the leaked student assessments were those of current students.”

When a hospital system lets that kind of information go public, it faces fines and other repercussions under HIPAA. However, when a school leaks it, the breach is covered by the Family Educational Rights and Privacy Act (FERPA), meaning the responsibility to file complaints lies with individual parents.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Related News

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

The primary targets of this phishing campaign are located in the Ukrainian regions of Crimea, Donetsk, and Lugansk, which were…
CyberSecure Announces Strategic Alliance

CyberSecure Announces Strategic Alliance

BETHESDA, Md.,¬†March 24, 2023¬†/PRNewswire/ — Cybersecure IPS and LockDown Inc. jointly announce that they have entered a strategic alliance to…
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Researchers from France-based pen-testing firm Synacktiv demonstrated two separate exploits against the Tesla Model 3 this week at the Pwn2Own…