A university is investigating after mistakenly sharing the personal details of about 2,000 students in an email promoting a lecture.
The email from the Creative Arts school at the University of Hertfordshire included an attachment with the recipients’ names and email addresses.
The university said it had contacted the data protection watchdog, the Information Commissioner’s Office.
The BBC has covered the story here: https://www.bbc.co.uk/news/uk-
This incident reflects how easy it is to make a simple error, such as putting email addresses in the \’To\’ as opposed to the \’BCC\’ field and all of a sudden you have a disclosable event on your hands.
It\’s one of those types of errors that is near impossible to solve with any form of technology. So, the only way to address this in a reasonable manner would be to ensure all staff are fully trained and aware of correct procedures and associated security risks. To be effective, this security awareness and training should be an ongoing task so that staff remain up to speed and aware of any dangers that present themselves.