University of York publishes private student info

The University of York has launched an investigation following the publishing of confidential student details on its website. The personal information which included student’s phone numbers, addresses and grades were made public following a breach of the University’s IT network.

With an estimated 17,000 student details being leaked online, the incident highlights an important flaw in organisational data security. Vulnerabilities in websites such as this, allow hackers an easy opportunity to tamper with the content as well as affecting the public’s confidence in organisations’ ability to protect their data.

A recent OnePoll survey of 5000 UK consumers conducted on behalf of data security specialist LogRhythm, found that 63 per cent of respondents feared becoming a victim of identity theft through no fault of their own - probably as a result of scaremongering by the likes of Log Rhythm.

Aside from failing to keep private information secure, it appears organisations are also botching the follow-up when breaches do occur. In this instance, the University of York is reported to have left data exposed and accessible for over a week.

“Organisations need to place greater emphasis on identifying problems as soon as they occur so that immediate action can be taken to minimise damage’’ said Ross Brewer, vice president and managing director of international markets at LogRhythm.