Schools carry a huge amount of personal data – both of their staff and students. With Data Privacy Act of 2012 (RA 10173) in full effect, everyone is expected to be compliant (or, at the very least, doing something to be compliant). Schools are no exemption.
There’s this one Facebook post that caught our attention. It was posted by one user who shared what seems to be pages of their school’s yearbook. Her caption showed that they haven’t received the said yearbook but was surprised to know that it since been used as a wrapper for some rice porridge. Her status may look like harmless but those pages of their yearbook contain a lot of personal information that have been shared to some strangers.
Based on the screenshots, personal information such as the students’ photos, full names including middle names, and their respective courses
While most commenters took the incident lightly and even laughed at the fact that they have finally seen a glimpse of their yearbook, some realized that what happened is a “legit a security risk” and an “invasion of privacy”.
It seemed like this incident has already been reported to the proper authorities and that they are now looking into the matter. We’ve also tried reaching out to some of the people in the post to get feedback and updates.
Whoever the printing company behind this yearbook is, they have some explaining to do with the school and their clueless students. The school also needs to review their existing data sharing agreements (assuming they have one) with entities such as this printing company.
Note: We have intentionally removed the names of the students and other information in the associated photos. We will also update this article as soon as we get valuable information from the people we have contacted.
- Phishing Email Analysis Landing Page - September 19, 2024
- BPI to hold Cybersecurity Conference to ‘Fortify Cyber-Resilience in an AI World’ - July 25, 2024
- New Smishing Campaign makes use of Globe SMS Sender ID - May 27, 2024