After notifying educators about exposed data, Pennsylvania seeks to remedy security incident


The Pennsylvania Department of Education is doing damage control for a security incident it experienced last month involving the state’s Teacher Information Management Systems (TIMS).

The incident, which occurred exactly one month ago, likely exposed the sensitive personal data of former and current teachers. As a result, the education department has enlisted ID Experts, a credit monitoring company, to provide a year of free credit monitoring to all affected individuals.

The department notified teachers earlier this month — the letters mailed out were dated March 12 — that their Social Security numbers, dates of birth and home addresses may have been compromised, according to reports from The Morning Call.

The incident was caused not by a hacker, but by human error, the Pennsylvania Office of Administration said in a statement. During the exposure, which lasted from noon to 12:30 p.m. EST on Thursday, Feb. 22, professional school staff who logged in to the TIMS could see the personally identifiable information of other teachers and retirees.

Since the incident, the Pennsylvania Department of Education as well as the Office of Administration have been investigating, they said.

“The Department of Education is committed to full transparency and ensuring the safety of all Pennsylvania educators,” said Secretary of Education Pedro A. Rivera in a statement. “We thank our stakeholders for their patience.”

The departments were slow to mail out letters, they said, because they were trying to determine how many educators’ personal data was compromised.