NICOLE M BALLAGH: Identity Exposure Report
(Louisiana State Board of Regents, St.-2520Tammany.htm*)
The following information about NICOLE M BALLAGH was exposed*:
- First Name
- Last Name
- Middle Initial
- Social Security Number
The Liberty Coalition published the following press release about this breach, which is republished here for your convenience. The city references the location of the breaching entity, and not the location of this individual:
BATON ROUGE, Louisiana. In late June 2007, the Liberty Coalition discovered approximately 163,000 social security numbers, and contact information for nearly 200,000 Louisianans, in nearly 200 online documents. The affected individuals appear to be mainly former Louisiana high school students born between about 1979 and 1987, as well as roughly 34,000 Louisiana state education employees.
The files were posted on a website belonging to the Louisiana State Board of Regents, which appeared to be an online interface for an internal network. The files with sensitive information were among internal documents, usernames, passwords, company e-mail, personnel records, personal documents, family photos, and pornography. While parts of the network were password-protected, the folders containing these 200 files were open to the public, and not password protected. Many of them were indexed by major search engines. While nobody knows exactly how long the files were exposed, WDSU in New Orleans reports that the files may have been online as long as 1-2 years. The Board of Regents has posted an advisory on the subject. In the advisory they have indicated that
"Any student who was enrolled in the 10th grade at a Louisiana public high school and took the EPAS (Educational Planning and Assessment) Plan test between 2001 and 2003, [and] Any Louisiana public college or university faculty or staff member who was employed in either 2000 or 2001 [may be at risk]."As of the date of the breach, the Louisiana State Education system used a student's Social Security Number as their student ID.
Within one hour of notification, the Board of Regents shut down all access to the files and reported the breach to the Louisiana Attorney General's office and the state's Chief Information Officer, both of which are continuing to investigate the breach. They also contacted Google and other major search engines, to request that they clear their search engine caches.
The Board has also contracted with Verma Systems, Inc., a network solutions company, to improve the security of their data and systems and also with the Identify Theft Resource Center, a nationally respected nonprofit organization specializing in the prevention of identify theft, to assist them with exposure notification and to provide professional advisory services free of charge to individuals who may have been negatively affected by this data security breach. The Board of Regents has also established a call center and website to respond to questions and provide additional information regarding this issue.
IXR ID: 46950
If this is your IXR and you would like to hide it, click here to learn how to hide your IXR