JEFFERSON CITY - The Department of Elementary and Secondary Education (DESE) says it was made aware Tuesday that personally identifiable information was vulnerable on a website maintained by DESE.
Social Security numbers of school teachers and administration were vulnerable within the educator certification data available on DESE’s website, according to a news release.
The St. Louis Post-Dispatch reports it discovered the flaw in the search system and notified DESE. No private information was clearly visible nor searchable, according to the Post-Dispatch.
The educator certification search tool was disabled immediately by removing public access to the system and updating the HTML code to fix the vulnerability.
These records were only accessible on an individual basis, and there was no option to decode SSNs for all educators in the system all at once, according to a news release.
The state says it is unaware of any misuse of individual information or even whether information was accessed inappropriately outside of this isolated incident.
An investigation is ongoing to make sure there are no other potential vulnerabilities within DESE’s data or the data collected by other state agencies.