The Chicago Board of Education had received complaints from parents who had received unsolicited postcards from the Noble Network of Charter Schools.
Noble officials acknowledged the situation last month, saying an internal probe concluded one of its employees "was provided with improperly sourced student and family names and addresses" by an unnamed CPS employee. That information was used when Noble mailed postcards to families.
Noble officials said the list of student information was removed from databases and computers accessible to the network's employees, and employees who were involved with the data breach were disciplined.
In a letter to district families this week, a senior CPS technology official said the breach was "a clear violation" of district policy. The information included students' names, addresses, grade levels and their current elementary schools, the letter said.
"CPS is deeply troubled by any violation of students' privacy," district spokesman Michael Passman said in a statement Thursday.
"Upon learning of the origin of this breach, CPS immediately shut down the employee's access to student data systems and began the process of notifying families whose directory information was breached," Passman said.
According to the CPS spokesman, tens of thousands of notices were "sent out of an abundance of caution to all students whose information could have potentially been provided based on our current knowledge of the situation."
The district said it is reviewing its security procedures and is in the process of moving to a new student information system.
CPS said it contacted the school system's inspector general, who is investigating the breach.
©2016 the Chicago Tribune Distributed by Tribune Content Agency, LLC.