Greenwich University faces £120,000 fine for data breach


FE Team | Published: May 22, 2018 16:32:52 | Updated: May 24, 2018 17:02:30


Greenwich University faces £120,000 fine for data breach

The University of Greenwich has been fined £120,000 ($160,000) by the Information Commissioner.

The fine was for a security breach in which the personal data of 19,500 students was placed online.

The data included names, addresses, dates of birth, phone numbers, signatures and - in some cases - physical and mental health problems.

It was uploaded onto a microsite for a training conference in 2004, which was then not secured or closed down.

In 2013 it was compromised and the information, which had been published alongside committee meeting minutes, was posted elsewhere.

In some cases it included individual students' study progress, including reasons why they had fallen behind, and copies of emails between them and staff.

In one example, it was disclosed that a student had a brother who was fighting in a Middle Eastern army and references were made to an asylum application.

The breach was discovered by one of the students, who brought the matter to the attention of the media and the Information Commissioner Office (ICO), reports BBC.

The Information Commissioner said Greenwich was the first university to receive a fine under the Data Protection Act of 1998 and described the breach as "serious".

Share if you like