University of Greenwich Slapped with £120,000 Data Breach Fine
Earlier this week, the UK Information Commissioner handed the University of Greenwich a fine of £120,000 for inadvertently exposing the information of around 20,000 people.
The UK watchdog says that under the Data Protection Act 1998 it has found that the university has failed to take reasonable steps to protect the data following a training conference in 2004 where an unsecure microsite that logged the information of staff and students was used.
As a result, hackers were able to access and leak online information including names, addresses, and telephone numbers of the university’s students, staff, and alumni. Furthermore, some of the data which belonged to around 3,500 individuals included sensitive information such as details on sickness, learning difficulties, and “extenuating circumstances.