ANGRY parents last night criticised a school after personal information about children – including addresses, dates of birth and entitlement to free school meals - was accessed and shared by a pupil.
Staff at Greenfield Community College in Newton Aycliffe, County Durham, wrote to parents to alert them to a potential data breach last week, causing widespread fears about the school’s IT security.
On Monday, October 12, during a search of the school network, a pupil opened a systems maintenance file which was not password protected.
The file contained personal details about youngsters enrolled at Greenfield between 2010 and 2014, which the pupil downloaded onto a memory stick and a phone and then shared with his classmates.
Last night, David Priestley, executive headteacher at Greenfield Community College, reassured parents that the school took the protection of personal data very seriously and was working to ensure such a breach did not happen again.
He said: “As soon as we became aware of the issue we took immediate action to delete the information from the devices it was stored on and we are satisfied that it was not shared more widely.”
However, many parents remain unimpressed and say they have no faith in the school’s data protection methods.
Elizabeth Reeve, whose daughter left Greenfield this summer, said: “I am very angry and upset but I’m not surprised. I am not the biggest fan of the school and this has confirmed what I already thought.
“We only have the school’s word this information hasn’t been spread any further and with the internet and social media who knows where it could end up.
“In the letter they say ‘to the best of our knowledge,’ which doesn’t exactly fill you with confidence.”
Another affected parent, whose daughter left the school four years ago, added: “How can a file like that not have been password protected? It makes you question what other information is being stored and why they are still storing information about pupils who left years ago. If a pupil could access it so easily, a hacker would have no problem.”
The leaked information included names, dates of birth, addresses and postcodes, email addresses, student identification numbers and whether the pupil was entitled to free school meals.
It did not contain any sensitive personal data, such as medical information, health records, details of racial or ethnic origin or religious and political beliefs.
In the letter, parents were told the original file had been removed from the college network.
Ms Reeve, 39, who runs her own cleaning business, Elizabeth’s Elite Cleaning, said parents had a right to know whether the child had been disciplined.
“We deserve to know what has happened to him,” she said. “This is a serious matter, which has alarmed and upset a lot of people.”
Similar views have been expressed on Facebook.
One parent wrote: "Apparently he'd shared [my son’s] information around the classroom – disgraceful.”
Another added: “I'm curious to know why he did it and what punishment he got plus how the hell personal information like that wasn't password protected.”
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel