back to article STUDENTS EXPOSED in university IT blunder

The Information Commissioner's Office has reprimanded the University of York for stuffing up its IT systems so that student records were accessible to anyone. The ICO blamed a staff member who "failed to realise they had made an error while carrying out work on the University's IT system". The screw-up resulted in student …


This topic is closed for new posts.
  1. Pete 2 Silver badge

    Saves them the trouble

    > Information included dates of birth, mobile numbers, A level results and addresses.

    Don't students voluntarily put all this and more on Facebook anyway?

    1. Anonymous Coward
      Anonymous Coward

      Not the same thing.

      Information published on Facebook is done so with the consent of the individual, and they decide via their privacy settings who has access to it.

      In this case, information was published, albeit inadvertently, without prior consent from the individuals and was left online for a year where anyone could access it.

      1. Anonymous Coward

        Fixed that for you

        "they decide via their privacy settings who they think has access to it."

  2. Simbu

    There's only one kind of student exposure i'm interested in...

    And this ain't it!

  3. Andrew Waite

    Toothless mutt?

    What's the point of the ICO?

    >"Information included dates of birth, mobile numbers, A level results and addresses."

    >"The ICO said because the data was relatively harmless it decided not to fine the university."

    Sorry ICO, that's not harmless information.

    @Pete2: possibly, but that's the choice of the student NOT a third party that can't handle their responsibilities to secure personal data.

  4. Anonymous Coward
    Anonymous Coward

    who'll pay the ICO fine

    The ICO seem to have a habit of fining only when the penalty will be paid by the taxpayer

  5. Anonymous Coward
    Anonymous Coward

    well then,

    ''The ICO is about to launch a campaign to raise awareness of data protection among young people.''

    How timely and convenient a poster child

    1. Dan 55 Silver badge

      Preaching to the wrong choir

      "Only give the least amount of data possible to reputable institutions and companies... who will then lose it on a train or leave it freely available on the internet and promptly be savaged by a dead toothless watchdog."

  6. Usually Right or Wrong

    The false teeth fell out then

    'The ICO said because the data was relatively harmless it decided not to fine the university'

    But nice to see that York was treated the same as everyone else and given a serious gumming.

    1. Ian Yates

      Begs the question

      How serious does it have to be?

      Name, address, phone number. That's pretty valuable information right there.

      1. Destroy All Monsters Silver badge

        That is...

        If you want to have a date.

        *Who* wants to have a date with a U student?

    2. L1feless

      Only a minor infraction?

      And the people of the world wonder why groups like Anonymous and Lulzsec are out there. Who is the ICO to decide what is minor or not. How is this decision going to send a message to others and this University to smarten up and stop being so nonchalant with individuals information? Sure these kids might have had some of this information and more on Facebook but they at least had control over when and where they posted it. If they felt it was being abused they could subsequently remove it.

  7. Anonymous Coward
    Anonymous Coward

    Last time I googled my name

    My name, (university) email address and possibly my student enrolment number was present on a course list for all to view. I thought that was pretty poor due to the fact that I graduated over 2 years ago, that page should definitely be listed in robots.txt, and it was trivial for course instructors to tell the webserver to only display pages internally (some lecturers did this to prevent course content from being given away outside the institution) why should anyone outside my course, let alone university have access to this information?

  8. Anonymous Coward
    Anonymous Coward


    Ring, Ring...

    I is that Fred Smith?


    Hi I'm calling from the University of York regarding xyz course.... You are due some money back as you overpaid your fee's, but your account is not accepting the info, can I have......

  9. Anonymous IV

    Aleady presaged by the late, great, Douglas Adams as...

    ... Mostly Harmless.

  10. Anonymous Coward
    Anonymous Coward


    Why did I just know this had something to do with York Uni when I saw the title?


    Proud to be an ex-Yorkie :P

  11. Yet Another Anonymous coward Silver badge


    Of course if you a graduate and you fall for that - you are probably due a refund on your tuition anyway!

    1. Geoffrey W

      You have excessive expectations

      Having been to a University, even before recent dumbing down shenanigans, I found that, on the whole, those I met there were neither smarter nor stupider than those in the outside world. Yes, many were clever but that doesn't necessarily make them smart. Ah, fun days.

  12. Anonymous Coward

    Fu**ING "Young People"

    Funny how every generation of "Young People" are constantly getting into trouble, not worth a shit, lazy, rebellious, irresponsible.

    Just by stroke of magic do we have human civilization. Now, get my 5 year old over here to fix my computer!!

  13. Anonymous Coward

    A tough response......

    ......considering NOTHING was done after I bought an ex London college PC withj 8GB of student records on it, not so long ago.

    Mine's a Pearl River, as I am sending this from China

  14. Dr Patrick J R Harkin

    Over a year...

    ...and only 148 records accessed.

    From that, I'd be tempted to assume that only Google or other spiders ever found it! Especially if there was no link from the live site.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021