Sensitive Student Info Compromised by Testing Company
June 12, 2019
Sensitive student information stored on TotalRegistration.net may have been exposed due to a misconfiguration on the site’s Amazon S3 file storage device, which Total Registration became aware of April 11 and resolved April 12.
Total Registration is an online tool which MCPS uses for Advanced Placement and PSAT testing. As reported from Total Registration’s investigation, some data that users chose to save as .pdf, .csv. or .doc files, were exposed. The documents were accessible for 48 hours after the file was generated and were then automatically deleted.
Data that may of been exposed includes but is not limited to, students’ names, addresses, phone numbers and college board identification numbers. In a May 10 memo, Total Registration said they are not aware, nor is there any evidence of third parties accessing the breached data.
MCPS has asked numerous questions to clarify other details regarding the incident, but the vendor is yet to supply any helpful information regarding specifics about the incident, according to MCPS’ website.