Awareness Advocate On University Of Hertordshire Shares Personal Details Of 2,000 Students

A university is investigating after mistakenly sharing the personal details of about 2,000 students in an email promoting a lecture.

The email from the Creative Arts school at the University of Hertfordshire included an attachment with the recipients’ names and email addresses.

The university said it had contacted the data protection watchdog, the Information Commissioner’s Office.

The BBC has covered the story here: https://www.bbc.co.uk/news/uk-england-beds-bucks-herts-50333367

Experts Comments

November 11, 2019
Javvad Malik
Security Awareness Advocate
KnowBe4
This incident reflects how easy it is to make a simple error, such as putting email addresses in the 'To' as opposed to the 'BCC' field and all of a sudden you have a disclosable event on your hands. It's one of those types of errors that is near impossible to solve with any form of technology. So, the only way to address this in a reasonable manner would be to ensure all staff are fully trained and aware of correct procedures and associated security risks. To be effective, this security.....Read More
This incident reflects how easy it is to make a simple error, such as putting email addresses in the 'To' as opposed to the 'BCC' field and all of a sudden you have a disclosable event on your hands. It's one of those types of errors that is near impossible to solve with any form of technology. So, the only way to address this in a reasonable manner would be to ensure all staff are fully trained and aware of correct procedures and associated security risks. To be effective, this security awareness and training should be an ongoing task so that staff remain up to speed and aware of any dangers that present themselves.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.