A team of 50 bureaucrats spent much of the summer rummaging through boxes in a secret Victoria warehouse, searching for a hard drive containing records of 3.4 million British Columbia and Yukon students and teachers, some dating back almost 30 years.
Extensive physical and electronic searches came up empty, and on Tuesday the B.C. government officially declared the unencrypted hard drive lost.
Technology, Innovation and Citizens’ Services Minister Amrik Virk said the province’s chief information officer will review the government’s management of personal information.
He said information and privacy commissioner Elizabeth Denham will conduct her own review.
Virk said there is no indication that data from the lost hard drive has been accessed or used, adding he believed the risk to individuals was low because the data does not contain social insurance or driver’s licence numbers or financial or banking information.
But he said he was concerned the hard drive had disappeared.
“This should not have happened. Any time personal information may be at risk, it is a cause for concern,” Virk told a news conference.
“I’m troubled to have learned that government is unable to locate the backup hard drive that contains a variety of reports, data and information.”
He said data from 1986 to 2009 contains names, grades, postal codes and personal education numbers. It also includes potentially sensitive information about children in care, teacher retirements and graduation dates for cancer survivors who participated in a research project.
From the years 1991 to 2009, the hard drive contains more detailed information on 3.16 million people, including each student’s full name, birth date and home address on their Grade 12 transcript.
The government said a second file on 1.8 million students from kindergarten to Grade 12 contained data on special needs status of students, including intellectual difficulties, physical disabilities or chronic health impairments.
Yukon students write B.C. exams and are taught the province’s curriculum. The province and territory have a agreement to store Yukon student data.
The drive also contains a list of children under custody orders and those involved with the Ministry of Children and Family Development, including health and behaviour issues, participation in intellectual disability programs and adoption status.
The Education Ministry discovered the drive was lost while reviewing records to ensure compliance with data-storage standards.
Jim Iker, president of the BC Teachers’ Federation, said the data breach impacts students, parents and teachers.
“This is such a serious breach of security,” he said in Victoria. “The biggest impact here is on our students and those students who are now adults, and some of those adults could be teachers, and there’s all sorts of information about them that shouldn’t fall into the wrong hands.”
Opposition New Democrat education critic Rob Fleming said British Columbians need more answers from the government about how the information disappeared.
“Now we have disturbing details that at an unsecured location, in an unsecured server, three and a half million files are now potentially in the hands of someone who could use it.”
Virk said residents can call Service BC, a government information line, to find out if their information was on the drive.