Students’ vision tests and personal data eyed online

Information on Chicago Public School students who participated in a free eye examination was inadvertently made available on the Internet, attracting 14 Web surfers.

The school system on Nov. 29 sent letters to parents notifying them of the accidental post, which occurred sometime between June 18 and July 31.

On Oct. 7 a city resident alerted officials that the information was online.

City officials said it took from October until now to figure out what happened, which students were affected and to implement “safeguards.”

The data collected from about 2,000 students was “incorrectly configured,” Shannon Breymaier, a city spokeswoman to the Chicago Sun-Times. The 14 people who viewed the information included official investigators, according to the city.

“At this time we have no reason to believe that the information has been used inappropriately,” Breymaier said.

The data included the student’s name, date of birth, gender, identification number, vision exam date, diagnosis and school name.

“Upon learning of the misconfiguration, corrective steps were immediately taken to mitigate the problem and remove this information and all cached and archived versions of the data from the Internet,” Breymaier said. “The glitch was isolated to the vision program and did not impact any other city programs.”

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.