Education

Wake schools sent postcards containing Social Security numbers

Posted December 3, 2009
Updated December 4, 2009

Map Marker  Find News Near Me

— Wake County schools sent out thousands of postcards to parents that inadvertently contained their children’s Social Security numbers, officials said Thursday.

Michael Evans, a spokesman for the Wake County Public School System, said the postcards were reminders for parents who opted to send their children to magnet or traditional calendar schools to let the district know if they want to keep their children there.

"A programming error caused Social Security numbers to be printed on some address labels,” Evans said.

Wake Schools send postcards containing social security numbers Wake postcards contain Social Security numbers

Of the 15,000 postcards that were sent out across the district, about 5,000 had Social Security numbers printed on them.

“Those Social Security numbers should be locked down,” said parent Karen Newton.

Newton said the two postcards that she received contained both her daughters' Social Security numbers.

“There are people out there who will figure out…these are Social Security numbers and could lift them. I think it is very irresponsible,” Newton said.

Evans said the error can be attributed to an old system the district used, which used a student’s Social Security number as their nine-digit identification number. The district’s new system assigns a random nine-digit number to students.

Students that were already entered in to the old system were still assigned their Social Security number as an identification number.

Evans said the computer pulled the wrong fill causing some students to be identified by their Social Security number. The error affected students who were in elementary school when the old system was in place. Those students would be in middle or high school now.

“We feel terrible about it,” Evans said.

Evans said the district is doing a cross-reference check and notifying the state Attorney General’s Office, as well as the Wake County Board of Education. Parents will be notified individually.

“We are going to be offering them a year of free credit report checks for their families,” Evans said.

The school system will pay $20 per student for each credit check.

101 Comments

This story is closed for comments.

Oldest First
View all
  • donewithecu Dec 4, 2009

    For all those negative people out there I hope you make a major mistake and get FIRED!! People do make mistakes, but they don't deserve the inhuman treatment you show up here.

  • SailbadTheSinner Dec 4, 2009

    Patent incompetence !

    Doesn’t anyone LOOK at these things before they are sent out?

    STS

  • though Dec 4, 2009

    "As they say, those that can do things. Those that can't teach."
    TarheelsDontLikeEdwards

    And those who can't teach, spend all their time on Golo complaining about a job they don't know anything about. And what I DO is make a difference in someone's life. How about you?

  • fiestysp Dec 4, 2009

    They know now, it's on the News!

  • NeverSurrender Dec 4, 2009

    "I dare say it was knowingly done on purpose by WCPSS. Gotta teach those parents whose boss around here. They won't dare challenge WCPSS on such issues as year round and redistricting after this....WCPSS might expose the parents SSN next"

    Utter bullocks!

    What is more likely is that a code monkey got a lousy specification that incorporated use of a system and it's data that should have been retired and none of the project management caught the fact that they weren't properly using a limited data set or obfuscating the SSN.

    That, compounded by a lack of controls to properly QA the output to ensure that nothing gets mailed that isn't kosher, is the likely root cause of the breach.

    That's all the more reason to ignore form fields that ask for your SSN unless you have no choice (i.e. see the list of exempt organisations in an earlier post) and sometimes you can even get government agencies to not capture the SSN on the form.

  • aintbackingdwn Dec 4, 2009

    I dare say it was knowingly done on purpose by WCPSS. Gotta teach those parents whose boss around here. They won't dare challenge WCPSS on such issues as year round and redistricting after this....WCPSS might expose the parents SSN next

  • dugmeister Dec 4, 2009

    Programmers always get blamed. At some point there was a specification (ie. business requirements), then the programmer did what the document said,then it should have gone to a 'user acceptance test' by a non programmer, for sign off. This type of thing is NOT A PROGRAMMING ERROR! It is a failure of the Project Plan that was (or should have been) created for this type of endevor. Blame falls solely on the Project Manager. Shame, shame, shame.

  • NeverSurrender Dec 4, 2009

    "NeverS...good information, I never knew that, except the part about T-W Cable's stupidity."

    To be fair, most utilities try to demand the SSN but tend to back down when you mention the Privacy Act and that you're willing to authenticate with a much less dangerous method such as a driver's licence, etc. T-W is the only one I've never been able to reason with...

    On a related note...those HIPAA "privacy disclosure" forms you get at the consultant's office? You know, the boilerplate with loopholes you could drive the USS Nimitz through?

    The American Recovery and Reinvestment Act (ARRA) just gave HIPAA some teeth...i.e. providers can be held individually liable to the tune of up to 10 years/$250K fine for a PHI breach.

    Why do I mention this? Just picked up a nebuliser with a big HIPAA violation sitting at the front desk...the receptionist who sang out my address in earshot of perfect strangers...big NO NO! She's lucky I'm generally a nice chap and addressed it unofficially...

  • wildcat Dec 4, 2009

    This was not smart on someone's part. This could have felled into the wrong hands.

  • injameswetrust2003 Dec 4, 2009

    NeverS...good information, I never knew that, except the part about T-W Cable's stupidity.

More...