CPS breach exposes private student data

CHICAGO (Sun-Times Media Wire) - Chicago Public Schools apologized Friday evening for a mass email accidentally linking to the private data of thousands of students and families.

CPS apologized for the “unacceptable breach of both student information and your trust” and asked recipients of the email to delete the sensitive information, Executive Director Tony Howard wrote in an email to families that received the private data. The data includes children’s names, home and cellphone numbers, emails and ID numbers.

Families were sent an email Friday evening from CPS’s Office of Access and Enrollment inviting them to submit supplemental applications to selective enrollment schools. Attached at the bottom of the email was a link to a spreadsheet with the private data of over 3,700 students and families.

The link to the private data was active for several hours after CPS noticed and apologized for the breach. The link was eliminated by Saturday morning.

The employee responsible for sending the link was going to be removed from their position, Howard said.

This isn’t the first time CPS exposed the private data of students. Students’ medical conditions and dates of birth were shared by CPS in a spreadsheet February of last year. In 2016, a CPS employee improperly leaked student names, addresses and current schools to the Noble Network of Charter Schools.