In the Huffington Post article, “In Push For Data, Schools Expose Students To Identity Theft” author Gerry Smith writes about the growing risk of school kids data being stolen across the country. Data thieves want this information to commit identity theft. The author cites several recent cases:
- A hacker broke into the computer network of an El Paso, TX school district, finding a database of about 63,000 students’ Social Security numbers.
- Wake County, NC school officials accidentally mailed out about 5,000 postcards with students’ Social Security numbers printed on the front.
- Two laptops belonging to a state contractor were stolen from a car, divulging the Social Security numbers of nearly 8,000 Palatine, IL special education students.
- A former Broward County, FL high school teacher was sentenced to six months of house arrest for stealing the identities of students.
- A police officer for the Palm Beach County School District, was sentenced to eight years in prison for stealing the identities of former students and teachers.
The article says these incidents highlight the growing risk of school kids’ vulnerability to identity theft. Across the country, schools have become conduits for children’s pristine Social Security numbers, which are increasingly falling into the hands of credit-hungry identity thieves. The frequent data breaches have prompted calls for schools to stop collecting sensitive student data and have angered parents like Art Staehling, whose 14-year-old daughter was among 18,000 Nashville students who had their Social Security numbers accidentally exposed online for three months in 2009.
“They left the gate wide open,” Staehling told The Huffington Post. “It’s clumsiness. There’s no excuse for it. If schools want that information, there should be some sort of penalty paid if they don’t guard it with their lives. I haven’t found a reason why they honestly need it.”
Schools collect students’ Social Security numbers as part of a campaign to more precisely track their progress. But privacy experts told Huff Post there are less risky ways to identify students, accusing schools of needlessly exposing children to identity theft by gathering their Social Security numbers in central databases with lackluster security.
The push for collecting student data began under the federal No Child Left Behind Act. Financial incentives in the 2009 stimulus package, including Race to the Top‘s $250 million in competitive grants drove schools to collect student social security number, according to Reidenberg.
The U.S. Department of Education has warned schools not to use students’ Social Security numbers in their databases. The Huff Post says the Feds urge schools to create other unique identifiers. Social Security numbers are “the single most misused piece of information by criminals perpetrating identity thefts,” according to a technical brief issued last fall by the National Center for Education Statistics.
Despite the warnings, the collection and use of students’ Social Security numbers in K-12 schools remains “widespread.” An audit last year by Patrick O’Carroll, the Social Security Administration‘s inspector general found students’ Social Security numbers printed on transcripts, tests and athletic education forms. According to the article, The audit concluded that schools were using the numbers “as a matter of convenience.” O’Carroll found there have been at least 40 data breaches of confidential student information at K-12 schools since 2005.
“We believe the unnecessary collection and use of Social Security numbers is a significant vulnerability for this young population,” O’Carroll wrote. “Each time a student provides his or her Social Security number, the potential for a dishonest individual to unlawfully gain access to, and misuse, the number increases.”
Read Part 2 here:
Consumers Unions points out that Michigan law restricts how Social Security numbers can be used. In Michigan, SSNs cannot be printed on ID cards, intentionally communicated to the public and/or publicly displayed or mailed within an envelope.
- Young children can be identity-theft targets (goerie.com)
Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.