Private schools have complained of a data security breach by officials with the Department of Primary and Secondary Education, while student information was fed into the Unified District Information System for Education (UDISE+) database.

“Cluster Resource Persons (CRPs) are tasked with updating data from all the schools in their respective clusters. However, the CRPs have freely given out their user ID and login passwords to individual schools, and are asking them to upload data. This is a practice we have observed in several districts, including Bengaluru,” alleged D. Shashi Kumar, State general secretary, Associate Management of Primary and Secondary Schools in Karnataka.

As schools are accessing the UDISE+ data directly using the privilege of a CRP, they are allegedly able to access information from other schools in the same cluster, including lists of students, their results, contact numbers of parents, etc. “There have been past instances when such data has been compromised and used by some schools for predatory marketing, and poaching students. It is sad that the government department itself is callously perpetrating a data breach,” Mr. Kumar said.

Our code of editorial values