ADVERTISEMENT

American college spills half a million files with personal data

Bank Street College of Education, a New York-based private school, exposed hundreds of thousands of files with personal data, including home addresses and phone numbers.

Bank Street College data leak

Image by Cybernews.

Vilius Petkauskas
Vilius Petkauskas Deputy Editor
May 13, 2025 Updated: 13 May 2025 1 min read
Stefanie Marcus Walsh Jesse William McGraw Nihad Hassan
Don’t miss our latest stories on Google News
Add us as your Preferred Source on Google.

What Bank Street College of Education data was exposed?

  • Full names
  • Home addresses
  • Email addresses
  • Phone numbers
  • Educational and professional backgrounds
ADVERTISEMENT
Bank Street sample
Sample of the leaked data. Image by Cybernews.
  • Change the access controls to restrict public access and secure the bucket.
  • Update permissions to ensure that only authorized users or services have the necessary access.
  • Monitor retrospectively access logs to assess whether the bucket has been accessed by unauthorized actors.
  • Enable server-side encryption to protect data at rest.
  • Use AWS Key Management Service (KMS) for managing encryption keys securely.
  • Implement SSL/TLS for data in transit to ensure secure communication.
  • Consider implementing security best practices, including regular audits, automated security checks, and employee training.

  • Leak discovered: February 21st, 2025
  • Initial disclosure: February 26th, 2025
  • CERT contacted: March 5th, 2025
ADVERTISEMENT