University reports student data loss

topstory
Rated 1/5 (1 person). Log in to rate.
hard drive
The University recently had to report to the Information Commissioner's Office, the body responsible for enforcing areas like the Data Protection Act, that a member of staff had a laptop stolen which had been left in a car.  This laptop contained on its hard drive a significant quantity of applicant data, dating from 2006. The likelihood is that this was an opportunist theft of the laptop, however this is clearly a serious breach of data protection. 
 
You may have seen this issue reported in the press, as we are now in the process of contacting the people on the database to inform them of the breach. If you have not received an email from data_control@staffs.ac.uk then you are not affected and your personal data has not been compromised.
 
Please find the official statement below. If you have received the email and would like to discuss any concerns, please contact our Enquiries Team: enquiries@staffs.ac.uk. We are looking to answer as many queries as possible and will keep you updated with any new information.
 
University Statement:
Staffordshire University has reported that a personal data security breach has occurred.
A laptop containing applicant information was stolen from a car belonging to a member of our staff. Due to the size of the data file, the information was held locally on the hard drive of the laptop. The theft of the laptop was reported to the police.
 
The specific information contained in the file included name, address, email address, telephone numbers, offer decisions, ethnicity code and gender of applicants dating from 2006.
 
The University has notified all those who were included in the data file to inform them of the breach and apologised unreservedly for any concern. It has stressed that this was an exceptional incident and the laptop was password protected.
However, we have reported this to the Information Commissioner’s Office.
 
We are also undertaking the following actions:
The Data Controller for the University has opened up a log of the breach to record any issues arising as a result of the breach
We have reiterated to all staff their obligation to protect personal data
A technical review of security, further training and a planned internal audit will be undertaken
 
If you have any concerns about issues raised by this breach, please email data_control@staffs.ac.uk 
 

Comments

Thomas Hope
1:11pm on 17 Nov 14 Hello Flis, The main reason for the delay in telling applicants about the breach is to do with the University not being aware of the data being on the stolen laptop until a short while ago. An establishment can hold the data legally for up to a certain period (can't remember if it is 8 or 11 years). The data might of not been used in a malicious manner and does only contain fields of information that are not sensitive which could also be easily found via google or other social media websites. I will be working with the University to ensure that appropriate additional safety measures are in place to negate the possibility of a repeated incident. Thanks and kind regards, Tom Hope Vice- President
Flis Cotham
7:32pm on 15 Nov 14 I made a UCAS application to Staffordshire University for a course , which I decided not to pursue, some years ago. I regard this data security breach very seriously as I am really careful with all my data. Prior to this breach, the Uni had been breaking the law by holding onto old data and now seem to be minimising the issue of this breach, the reason it occurred and it's impact on the 125,000 people affected by the data loss. For example the Uni failed to notify me of the theft, which took place on 13the October, until 13th November, which I feel is an unacceptably slow timeframe. I am also concerned that the Uni officials do not understand the criminal awareness of the worth of data. It seems they think the crims trawl through dustbins to steal people's ID's. Irresponsible attitudes towards data is a growing concern in today's world and I will be asking your Union for help in working out next steps. Hopefully everyone else who is affected will add their voice: email your Union at union@staffs.ac.uk
Please log in to comment.
Published: 14 Nov 2014 16:33
 

While you're here, take a look at our other headline news:

Violence Against Women and Girls Event

Tue 23 Apr 2024
Spotlight SAMS

Spotlight of the Week – SAMS Society

Mon 22 Apr 2024

Leadership Race - Elected Unopposed

Mon 22 Apr 2024
 
All news