Awareness Advocate On University Of Hertordshire Shares Personal Details Of 2,000 Students

A university is investigating after mistakenly sharing the personal details of about 2,000 students in an email promoting a lecture.

The email from the Creative Arts school at the University of Hertfordshire included an attachment with the recipients’ names and email addresses.

The university said it had contacted the data protection watchdog, the Information Commissioner’s Office.

The BBC has covered the story here: https://www.bbc.co.uk/news/uk-england-beds-bucks-herts-50333367

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Javvad Malik
Javvad Malik , Security Awareness Advocate
InfoSec Expert
November 11, 2019 1:09 pm

This incident reflects how easy it is to make a simple error, such as putting email addresses in the \’To\’ as opposed to the \’BCC\’ field and all of a sudden you have a disclosable event on your hands.

It\’s one of those types of errors that is near impossible to solve with any form of technology. So, the only way to address this in a reasonable manner would be to ensure all staff are fully trained and aware of correct procedures and associated security risks. To be effective, this security awareness and training should be an ongoing task so that staff remain up to speed and aware of any dangers that present themselves.

Last edited 3 years ago by Javvad Malik
1
0
Would love your thoughts, please comment.x
()
x