The PRIVATE WiFi Blog

Search By Topic:

Popular Topics:



PRIVATE WiFi

The PRIVATE WiFi Blog

News & Features | Jul 10th, 2012

Pop Quiz: Do You Have to Provide Your Child’s Social Security Number on School Enrollment Forms?

Elaine Rigoli

This recent editorial cartoon in The New Yorker put a face on how simple it is for hackers to succeed at stealing sensitive information online.

It happens as easily to adults as it does to kids.

Nearly 400,000 kids get their identities stolen each year, according to the Federal Trade Commission.

In fact, federal authorities have warned about people with bad credit buying “credit profile numbers” or CPNs from businesses that use computers to locate and sell Social Security numbers issued to children.

Identity thieves steal kids’ Social Security numbers because their credit is generally untarnished. It’s not until years later -- when they apply for a store credit card, a college loan, or a job -- that they find out their credit has been destroyed.

Just think of all the personal details you provide to your child’s school before enrollment: name, date of birth, Social Security number, home address, parents’ names, phone numbers, emails, and other highly sensitive personal information.

That information is also all that is needed to steal your child’s identity -- but especially the Social Security number.

Of course, most parents expect that a student’s record is private and won't be stolen. Surely that sort of file is kept under lock-and-key in some old-fashioned, dusty file drawer in the back of the principal’s office, right?

Turns out, that’s wrong. Your child’s sensitive personal information is not safe or secure. It’s entered into a district-wide database that can be accessed by anyone with permission. And in many cases, hackers have accessed the information as well.

So, do you actually have to give your child’s Social Security number to enroll him or her in a public school?

The surprising answer is “no” – thanks to a federal law stating that students are not required to provide their Social Security numbers to schools in order to prove citizenship.

But it turns out that about half of Florida’s school districts have it wrong, incorrectly telling parents they must provide their child’s Social Security number for enrollment purposes, according to a study from the American Civil Liberties Union of Florida.

For example, the 2011-2012 Funding for Florida School Districts report states:

Article IX, Section 1 of the Florida Constitution, establishes the State of Florida’s commitment to funding K-12 education, as follows:

“The education of children is a fundamental value of the people of the State of Florida. It is, therefore, a paramount duty of the state to make adequate provision for the education of all children residing within its borders. Adequate provision shall be made by law for a uniform, efficient, safe, secure, and high quality system of free public schools that allows students to obtain a high quality education…”

 

 

According to the ACLU, Florida is not keeping up with that promise to ensure a “uniform, efficient, safe, secure” experience for students and is causing parents to unknowingly expose their child to identity fraud, credit fraud, and other forms of fraud associated with having someone’s Social Security number.

School District Hacking

It's not just a problem in Florida, and parents need to become more aware of this alarming epidemic.

Last month in Oregon, a hacker allegedly accessed the personal data for nearly all of the Eugene school district's students. Parents were alerted that highly confidential student information -- including some students’ Social Security numbers -- were part of the online security breach. Why weren’t all Social Security numbers breached? Thankfully, the district had only recently stopped requesting that information, according to a school official.

Last month in Tennessee, nearly 9,000 Social Security numbers were stolen from the Clarksville-Montgomery County school district database and posted online. About 5,000 belonged to district employees, and the rest belonged to students born between April 1987 and September 1993. In total, about 110,000 student files were stolen. All school system websites were shut down while the district contacted the Tennessee Bureau of Investigation and the Federal Bureau of Investigation.

Last year in Missouri, a direct-deposit paycheck snafu exposed some employees' personal and financial information. Staff were advised to closely monitor their personal financial information, and “consider taking additional security measures such as, but not limited to, changes in logins, passwords, security questions, and/or responses which authorize financial transactions to proceed.”

Last year in Texas, kids in El Paso had their Social Security numbers exposed after someone hacked into the school district's database that had the names, ethnicities, student ID numbers, and Social Security numbers of nearly 7,000 students. The suspect was caught but not before he had allegedly posted the personal information of the students on an Internet fraud website.

Just Say No

Knowing what you know now, would you still provide your child’s Social Security number on school enrollment forms? Plus, how do you know whether your child’s school is using proper technology to safeguard sensitive information? Some questions to ask include the following:

  • Does my child’s school district use firewalls?
  • What other sort of in-house encryption does the school district use?
  • Has the school district ever been hacked? If so, what kind of information was stolen?
  • Do school administrators and teachers routinely access school files remotely via laptops, tablets, smartphones, or home computers? If so, how are those files protected?
  • Does the school district provide its employees with a VPN to encrypt their online activity? If not, are teachers and other personnel encouraged to use their own personal VPN?

If you are at all concerned with your student’s credit and think his or her identity has been stolen or used for any fraud, call consumer reporting companies to place a free 90-day fraud alert on your child’s credit reports. This will stop someone from opening a new account in the child’s name.

The companies include Equifax (1-800-525-6285); Experian (1-888-397-3742); and Trans-Union (1-800-680-7289).

 

Associated Topics:

Associated Topics:

Comments

Related Posts

The Three Legs of Protection: Antivirus Software, Firewalls, and VPNs

Thought Leadership
Kent Lawson | Apr 15th, 2015

We've all heard about antivirus software and firewalls. But we probably don’t know as much about the third leg of computer protection: a VPN, or virtual private network. In his latest article, company CEO Kent Lawson says we do this at our peril, because the damage we can suffer from not using a VPN may far outweigh the risks of the other two combined. After the large-scale hack attacks over the past few years, VPNs are now earning their spot as the third security leg that is vital to every-day computer security. Read More

New Hotel WiFi Vulnerability

Thought Leadership
Alok Kapur | Apr 9th, 2015

Earlier this year, the FTC declared a critical announcement for travelers: hotel WiFi is dangerous. Many people assume that because they are paying for it the network must be safe, but that is a dangerous assumption. Hotel WiFi networks are completely insecure; the bad news is that a new exposure in hotel WiFi has just been found. Read more to find out how you can keep yourself protected. Read More

Cyber Security Training Just As Important at C-Level

Thought Leadership
Eva Velasquez | Mar 24th, 2015

The need for better online safety training to prevent data breaches is a hot topic right now. Coupled with stronger computer and network policies, companies want to prevent the hacking events that leave businesses susceptible to a data breach. While it’s no secret that employees in both the private sector and government service can unintentionally expose organizations to hackers, what is surprising is a report by Wombat Security that shows that 33% of CEOs fell for phishing attacks that led to network access. Why are they falling for this kind of internet activity? Read More

E-filing: The Fastest and Safest Way to File Taxes?

Thought Leadership
Eva Velasquez | Mar 9th, 2015

E-filing your annual return to the IRS offers speed and convenience and when coupled with industry-approved software that can plug in the values for you, a lot of the headaches traditionally associated with doing your taxes are eliminated. However, there are some potential dangers that you should be aware of, such as insecure public WiFi networks and online tax fraud. Read More

X

Thank you for subscribing to our newsletters

Your email has been added to our system. You will be e-mailed shortly with a request to confirm your membership. Please make sure to click the link in that message to confirm your subscription.