COTTAGE GROVE, Minn. – A Minnesota school district is scrambling to control the fallout from an email school officials sent to parents that included the private personal information of more than 9,600 students.

South Washington County Schools sent an email to parents early Wednesday regarding transportation information for individual students, along with an attached file that included the names, home addresses, email addresses, busing information, pick-up and drop-off times, routes and other information on at least 9,600 students, WCCO reports.

MORE NEWS: Know These Before Moving From Cyprus To The UK

Three hours later, district officials issued a statement to apologize for the mistake but did not explain why or how the data file was attached to the mass email, according to The South Washington Bulletin.

“South Washington County Schools is aware of the release of information about students and families through a mass email to parents regarding Transportation information for the coming school year,” the district posted to Facebook.

“We apologize for this mistake and are addressing the situation.”

District communications director Barb Brown relayed the same message to the Bulletin and said South Washington County Schools plans to share more about the “inadvertent release of information” with those affected before discussing the matter publicly.

The Bulletin pointed out that the incident is likely illegal because “education data generally is private under state and federal laws, with some exceptions.”

Parents, of course, are disappointed by the bone-headed move.

MORE NEWS: How to prepare for face-to-face classes

“People with protective orders with kids in the district just got exposed,” one parent posted to Facebook, according to the Bulletin.

“Wow. Yes, I got it too. Unbelievable,” another added.

Others pointed out that the district has a history of mishandling sensitive information.

“Last school year, there was a hack of employee data in the South Washington School District. Now, student information?” Denise Scott posted.

“Bummer,” Lynn Soler wrote. “There are some very protected information in this mistake.”

Others simply tagged friends and family in the comments section of the district’s Facebook post, or offered brief responses to vent their frustrations.

“What happened?” Jen Knox wrote.

“Lawsuit,” Matt Erickson added.

“Not cool …,” Angela Johnson posted.

The data debacle comes as privacy experts and cybersecurity professionals are sounding the warning alarm about school agreements with computer providers like Google and others, who collect data on students through school-issued devices.

The Electronic Frontier Foundation detailed the problem in an April report “Spying on Students: School-Issued Devices and Student Privacy,” EAGnews reports.

Parents have also stepped up efforts to combat the issue, including parents in New York and Colorado who teamed up to create the Parent Coalition for Student Privacy, which produced a “Toolkit for Student Privacy” in June.