Personal Information of Students Disclosed on University of York Website

In yet another data breach incident, personal details of 148 students were published on University of York website.

Albuquerque, NM (prHWY.com) March 17, 2011 - Albuquerque, NM, United States - In yet another data breach incident, personal details of 148 students were published on the website of University of York. The details revealed include date of births, addresses, mobile phone numbers and A-level results. The breach occurred last week. It is still not known whether the incident was caused by a disgruntled employee of the University, occurred inadvertently or was caused by a security flaw on the website. Information security professionals of the University are investigating the data breach incident. The University has reported the data breach incident to the Information Commissioner's Office (ICO). Students enrolled in undergraduate, postgraduate and pursuing part-time studies are alleged to be affected by the data breach incident. Financial penalties and legal sanctions could be imposed if the University is found to have violated the Data Protection Act, 1998. If investigations by ICO reveal that Data Protection Act has been violated, then the office has the authority to impose penalties up to 500,000 GBP on the concerned organization. The University has initiated the process of notifying the affected students.

Universities are responsible for maintaining the integrity and confidentiality of the information pertaining to students, faculty members, existing and retired employees. Data breach could have severe personal, financial and legal implications for the affected individuals. Malicious individuals could use the revealed information to misrepresent, commit identity fraud, apply for fake student loans, redirect mail and gather further personal information. Online IT courses and video tutorials could be used to educate employees on cyber security tips and implications of security breach incidents.

The University has apologized to the affected students and announced that it would conduct an exhaustive review of the data security mechanisms. Hiring professionals qualified in IT degree programs, penetration testing and other security certifications would help organizations in identifying and weeding out security flaws. The IT policy of organizations must provide for regular in-depth security evaluation of the information infrastructure and the same must be implemented. Security audit of websites at regular intervals is crucial to identify and mitigate weaknesses, which could cause data exposure. Data breach incidents may have business, financial and reputational implications for organizations. As such, they must place high emphasis on information security. User access must be restricted on computers containing privileged databases. IT professionals must also keep track of the security updates from developers for timely application of appropriate security patches.

Refresher sessions,online IT degree and e-learning programs could help security professionals in keeping abreast of the evolving data protection technologies and monitoring mechanisms.

Contact Press

EC-Council
Website: http://www.eccouncil.org
Email: iclass@eccouncil.org
Tel: 505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

###

Tag Words: security flaw, data breach, ico, university of york, data exposure, information security, online it degree, it degree program, online it courses

Categories: Security

Link To This Press Release:

URL HTML Code