P2021-ND-298

Alberta Teachers? Association

On September 1, 2019, online applications for professional development scholarships and bursaries were inadvertently stored in a section of the Organization?s website that was accessible publicly. As a result, applicants? contact information was returned as part of search-engine results when specific searches were conducted for the contact information data fields forming part of the application form. The breach was discovered on April 5, 2021, when a member of the Organization searched for her own email address and Google returned the online application form they submitted for the 2019-2020 scholarship / bursary funding. The member notified the Organization via email. The Organization investigated and found four other scholarship / bursary SharePoint archives were on a default setting that make them visible to the public. The Organization removed the information. The Organization reported, ?The information was not hacked but was returnable on a sufficiently specific Google search. There is no indication that the information was improperly accessed.?

File Type: pdf
Categories: 2021
Tags: Unauthorized disclosure