Las Cruces Schools Data Exposed on Web

May 8, 2008

Albuquerque Journal

By RENE ROMO Journal Southern Bureau

LAS CRUCES -- A part-time computer analyst for Las Cruces Public Schools inadvertently posted personal data for 50 special education students and 1,750 district employees on the Internet, district officials said Wednesday.

LCPS Superintendent Stan Rounds declined to specify what kind of information was moved from a secure, encrypted database to the Internet, or to identify the Web site it was unintentionally moved to. But he said the information could be used in identity theft.

"Our school district goes to great lengths to maintain the confidentiality of student and staff records," Rounds said during a news conference. "This appears to be an isolated incident that was caused by human error.

"Nonetheless, I am very concerned there was a breach of confidentiality," he said.

The personal data was posted to an unsecured Web site on April 29. The error was discovered Monday, and Rounds immediately ordered the data removed from two Internet sites where it was found.

"We're continuing to search for any other locations where it may exist," he said.

School district officials said that at the present time, there is no indication the personal information has been misused.

However, as a precaution, each student and employee affected will be provided free credit fraud protection for up to one year.

The school district is in the process of contacting the affected students as well as the teachers, principals, administrators and other employees whose personal information was disclosed on the Internet.

Rounds said he will set up an ad hoc committee to review LCPS policies and procedures. He also said an investigation will be conducted to determine exactly how the mistake occurred.

The employee responsible for the error has been placed on paid administrative leave, Rounds said.

main page ATTRITION feedback