Is Kentucky’s school data secure?

Multiple news agencies such as the Bowling Green Daily News and WBKO are reporting that a student in the Warren County Public School System hacked into sensitive data held by the school system. That database reportedly included social security numbers for both staff and students, among other things.

This will add to growing concerns about the data being collected by our public schools. It isn’t the first time such breaches have occurred in Kentucky, either.

Considering the rich treasure trove such databases now provide to data thieves, when even students can hack into such sensitive areas, the public may need to pay close attention.

As a note, the Kentucky Auditor of Public Accounts pushed legislation on data security during the last legislative session. That bill, House Bill 5, won’t take effect until January 1, 2015, however. The act will require notification to individuals when their sensitive data is breached in a Kentucky agency’s database. Will the Warren County system do the right thing and follow the act’s notification procedures even though the act isn’t yet in force?