Pete's Log: Baby's First Data Breach
Entry #2599, (Parenthood)(posted when I was 46 years old.)
Enrolling JB at our local public school resulted in us being signed up for various services:
- The site for tracking her grades and attendance
- The site for paying for school fees (and milk)
- The family directory site (not all families are listed in here, so potentially this one had an opt-out that I missed)
- The social-media-esque site with posts from her teachers (although the text posts have all also been sent by email, but on rare occasions they do also post pictures and videos here that don't get sent by email)
- The portfolio site for her art class (in half a year of Kindergarten, she's had two pieces of artwork posted here, but that doesn't stop this site from a. encouraging us to sign up as many "fans" for JB's art as possible and b. sending us constant offers to get her artwork printed on all variety of things)
- The fundraising platform for her fun run
Then there's all the random documents tracked in Google Drive, the random sign-up sites they use to track volunteering, and I'm probably forgetting some. From the beginning it's struck me as a data governance nightmare.
Today we got the inevitable email: a "nationwide security breach" at the district's "Student Information System" (which I guess is the fancy term for the site where we can look at her attendance and grades).
It's sad that it felt so inevitable. Part of me wants to run for the school board, just to make them review if all these 3rd party services are really necessary. Wonder which of these sites we'll be receiving an email about next...
(Thanks to Branden for this entry's title)