Data breaches at school, hotel expose at least 20,000

A school district in Missouri and a luxury hotel in Texas said data breaches exposed payment and personal information of at least 20,000 people.

The Park Hill School District in Kansas City said a former employee downloaded files from his or her work computer onto a hard drive before leaving the district. School officials decline to identify the former employee or speculate as to why he or she would download the information.

But when the hard drive was connected to the former employee’s personal computer, the files were accessible to anyone via a Google search. Documents contained information such as Social Security numbers, personal records and student records.

“We know that at least one person accessed the hard drive and left the former employee a message warning that the information was available online, but we cannot tell whether that person or anyone else too any information,” said the school district, which was first told by a resident on April 1 that sensitive information could be found online.

Letters to 10,210 current and former employees and students were sent earlier this week.

The district said it worked with the FBI and digital forensic experts and is working on updating policies to prohibit employees from taking this type of information.

Meanwhile in Houston, credit card information of at least 10,000 customers of the Houstonian Hotel, Club & Spa during a data breach that started late last year.

The Houstonian said it was contacted by the US Secret Service about the breach of its payment processing systems. The hotel said it does not know exactly how many customers were impacted but it does believe it stopped the breach and remedied the systems as of June 20.