A clumsy data breach has affected hundreds of children at a Birmingham secondary school.

The school said in an email to parents that students in Year 7, up to and including Year 11 (ages 11-16), had their names, gender, dates of birth, and their parents' contact details exposed via a spreadsheet mistakenly shared with other parents.

According to aggrieved parents, the school sent an email seeking consent for their children to receive flu jabs, but upon clicking a link in that message, the spreadsheet began downloading.

Tudor Grange told The Register that the data exposure was active between 0950 and 0959 local time on Monday, September 8, and was only visible to those with access to the school's Bromcom-powered intranet.

"The breach involved the accidental disclosure of a spreadsheet s

See Full Page