[HN Gopher] Trove of LA students' mental health records posted t...
___________________________________________________________________
Trove of LA students' mental health records posted to dark web
after cyber hack
Author : arkadiyt
Score : 54 points
Date : 2023-02-26 19:02 UTC (3 hours ago)
(HTM) web link (www.the74million.org)
(TXT) w3m dump (www.the74million.org)
| anigbrowl wrote:
| (Off-topic) 'Clever' design shit like this just makes me reach
| for reader mode. If you want to do video, make a video. When I
| read an article, I do not want to scroll through the equivalent
| of a TV intro or game cutscene to get to the information.
| Normally this is just an aesthetic preference, but when you're
| reporting on a serious and complex legal situation, emotional
| theatrics actually undermine the journalistic mission.
| itqwertz wrote:
| I agree. It looks like it was done well, but it was probably
| more fun to create than to read.
| comfypotato wrote:
| I'm impressed as a software engineer that it worked as well as
| it did on my random phone screen.
|
| Also, now I'm thinking about it more because I was annoyed.
|
| I really don't agree with you. I think it worked. It worked in
| a way that's hard to describe; similar to how bad press will
| sometimes skyrocket a business into success and stardom.
| bayesian_horse wrote:
| [flagged]
| nathanaldensr wrote:
| What?
| gymbeaux wrote:
| "Mental healthcare in the US sucks"
| bayesian_horse wrote:
| Also the biggest problem with that story is that there was
| a central database with mental health records of students
| in the first place...
| kube-system wrote:
| It sounds like these are records used to give special
| consideration to students with special needs. Special
| education is not unique to the US.
| sourcecodeplz wrote:
| Digitalization was/is such a hard push and it's obvious some
| decision makers were just blinded by it.
|
| This also happened last month (the guy was caught).
|
| We really need some serious laws/consequences in order to prevent
| situations like this. The last hack was a MySQL with
| admin/admin!?
| neom wrote:
| "They're instead covered by the Family Educational Rights and
| Privacy Act, the federal student privacy law known as FERPA. The
| law prohibits student records from being released publicly but,
| unlike HIPAA, does not require schools to disclose when such
| breaches occur."
|
| ...
|
| "The federal privacy rules that apply to hospitals and schools
| "live in separate universes. If it's maintained by the school,
| it's FERPA. If it's maintained by your doctor, the same
| information is HIPAA protected." "
|
| Sounds like one thing that should be fixed sooner rather than
| later is brining FERPA up to HIPAA level. Seems like something
| folks could realistically rally their lawmakers around?
| alistairSH wrote:
| Yeah. The question is do we change FERPA (add notification
| requirements and penalties) OR do we remove the exemption that
| places education-related medical records under FERPA (and let
| that info fall under HIPAA, where it should have been all
| along)? I think the latter makes sense - the school is acting
| as a medical provider, so HIPAA should apply. No get-out-of-
| jail card because they're a school.
|
| Of course, the problem with any meaningful penalties is what
| does that really accomplish? Crippling a school district (by
| yanking funding) doesn't help anybody in the long run - it just
| makes education in that area worse.
| e40 wrote:
| There is hopefully a special place in hell for people that do
| stuff like this. I can sort of see why people fall into computer-
| based crime, especially in developing nations (e.g., India), but
| this. It's despicable. Not only can it ruin lives, it can make
| people hesitate to get help when they need it, which can either
| lead to more suicides or just plain terrible life outcomes.
| moremetadata wrote:
| You dont even know what the end user is going to do with the
| data and you are already condemning them.
|
| Why do you think the state are the good guys when they dont
| even teach law in a concept understandable manner so kids can
| protect themselves from criminals from primary school age
| onwards?
|
| Can you show me any other entity which is actively
| commissioning weapons and then using them on people en-masse,
| killing, maiming and psychological harming generations as we
| see with wars around the world?
|
| The state gets to hide behind its own secrecy laws, no other
| entity has the scope or reach of the state in order to protect
| and hide its criminal activity. The state is hardly leading by
| example now is it?
| javanissen wrote:
| > You don't even know what the end user will do with the data
|
| Posting private notes from psych evals to a darknet leak site
| is unambiguously morally wrong in a society that stigmatizes
| mental health conditions.
|
| > Blah blah blah the state is bad
|
| Yes. And?
| lockhouse wrote:
| > You dont even know what the end user is going to do with
| the data and you are already condemning them.
|
| What do you think they're going to do with this data? Send
| them Christmas cards? Sign them up for fruit of the month
| club?
| [deleted]
| shrimp_emoji wrote:
| Do the people who neglect to secure their IT systems get a
| place nearby?
| hgsgm wrote:
| That's everyone. The IT department is a conventient scapegoat
| for failing to do the impractical.
| dboreham wrote:
| Someone decided to put sensitive records unencrypted on a
| computer connected to the internet. In the past they'd be
| on paper in a filing cabinet, only available to Watergate
| style attackers.
| SoftTalker wrote:
| No it's unlikely that they decided that. More likely that
| they didn't realize that's what they were doing, or
| didn't understand the possible consequences.
| comfypotato wrote:
| The anonymity of it all, and how they got away with it, is what
| makes it stand out for me. There aren't many crimes this
| atrocious that are seen publicly without due repercussions for
| the criminals. I'm sure some homicide detectives see some real
| messed-up stuff, but I'm just a rando who didn't sign up to be
| exposed to this kind of society underbelly.
| b1c1jones wrote:
| That is just plain sick and twisted.
___________________________________________________________________
(page generated 2023-02-26 23:01 UTC)