CPS accidentally leaks massive gifted student personal data

If your child has applied to a CPS selective enrollment school, you should be aware that there was a large data breach on June 15th, 2018. A simple mistake by an employee resulted in a mass email of a database file containing student names, application numbers, and contact info to over 3700 families. This is a violation of the trust parents put in CPS, as well as a security liability for those families. If you've sought enrollment in a CPS SEES school, you should double check their announcement to see if your data was compromised. You can check your inbox for an email sent on June 15, 2018, titled "CPS - OAE - Supplemental Application Opportunity". If you received this email, chances are, your child's data was in it. We believe the families who were impacted by this breach were those whose child had high enough scores for a SEES (Regional gifted or classical selective enrollment) seat but did not yet select one.

This is not a first time that sensitive student data was leaked by CPS.  Since this affects the Chicago gifted population specifically, we thought it would be newsworthy for us to share with our audience in case they are impacted. CPS promised to punish the employee accidentally causing the leak, and they said they will investigate. We hope that this new leak finally results in changes to the storage and sharing protocols of student data in CPS, not just an elimination of one employee.

At MAGE, we take privacy and data security very seriously and have policy in place to prevent a similar event from occurring. We are also still accepting fall applications.

Here is the CPS email following the leak:

Good evening,

Earlier today, in an unacceptable breach of both student information and your trust, we mistakenly included your private student and family information in an email to you and more than 3700 other families who were invited to submit supplemental applications to selective enrollment schools.

We sincerely apologize for this unintended disclosure and ask that you please delete the information in question.

We are taking this matter very seriously, and a review of this incident is underway to determine how this breach occurred and ensure a similar matter does not occur again. Additionally, we will be removing the responsible employee from their position because violating your privacy is unacceptable to the district.

If you would like to speak with someone regarding this matter, please contact (773) 553-2060.

Sincerely,

Tony Howard

Executive Director

CPS Office of Access and Enrollment