DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Jp: Graduate University for Advanced Studies (SOKENDAI) apologizes for data leak

Posted on September 7, 2011 by Dissent

SOKENDAI issued the following public apology on September 1:

We regret to inform that we have found the personal information appeared in the department chairs meeting materials was temporally accessible on the Internet.

The reason this occurred was that the meeting materials were uploaded to the wrong place in High Energy Accelerator Research Organization (KEK) server system and found by search engine web crawlers. KEK is one of our Inter-University Research Institutes for School of High Energy Accelerator Science consisting of three departments (Accelerator Science, Materials Structure Science, Particle and Nuclear Physics).

Regarding the personal information, the below edited data were shown in the meeting materials.

1) Data for selection/ change of the candidates for The Short-Stay Study Abroad Program
2) Data for determining 2011 Spring Enrolled students who received entrance fee    exemption.
3) Data for determining 2011 Spring Enrolled students who received tuition fee exemption
4) Data for recommending applicants for JASSO scholarship
5) Data for recommending applicants to extend benefit period of MEXT scholarship for international students

The above mentioned data were accessible on the internet from June 13, 2011 to June 24, 2011 and were accessed 46 times.

6) Data to nominate the high performing students awarded JASSO scholarship for the 2010 exemption of refund
7) List of international students nominees for 2011 MEXT scholarship

The above mentioned data 6) & 7) were accessible on the internet from April 6, 2011 to May 16, 2011 and were accessed twice.

8) Data for judgment of acceptance of international students to Sokendai (MEXT scholarship)
9) Data for judgment of acceptance of international students to Sokendai (Privately-financed)
10) Data for selection of applicants for 2011 admission to the School of High Energy Accelerator Science, Sokendai

The above mentioned data 8), 9) &10) were accessible on the internet from February 9, 2011 to February 28, 2011 and were accessed once.

11) Data for application of guests to 2010 Sokendai Academic Exchange Session

The above mentioned data 11) were accessible on the internet from December 7, 2010 to February 8, 2011 and were accessed 4 times.

Currently this meeting material file including personal information has been deleted and no cases have been reported of unfair use of the personal information.

We sent a letter of apology to the Sokendai students, graduates and applicants for 2011 admission whose personal data were written on the meeting materials.

We tried to control the personal information with extreme caution in accordance with our Privacy Policy, however, we extend our deepest regrets that this incident occurred.

We take this situation with utmost seriousness and from now on, we will strengthen the information control system of the personal information. To prevent this from happening again, we have enhanced setting up passwords to all meeting material files and furthermore we will discuss and implement the countermeasures at the Sokendai Privacy Policy Committee.

Naoyuki Takahata
President
The Graduate University for Advanced Studies

Impressive disclosure, although I wish they had indicated what specific types of personal information were indexed by search engines. How much financial information was exposed?

Related posts:

  • Operation Anti Security Breakdown and targets, the full time line
Category: Breach IncidentsEducation SectorExposureNon-U.S.

Post navigation

← Ca: North Bay Regional Health Centre notifies 5,800 patients of inappropriate access of their records
Verizon Adds Mobile Security To Healthcare Cloud →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Breaches have consequences (sometimes)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach
  • Hackers breach Norwegian dam, open valve at full capacity
  • Patient death at London hospital linked to cyber attack on NHS
  • ShinyHunters and team members arrested in France (2)
  • Texas Enacts Liability Shield From Punitive Damages for Certain Small Businesses That Adopt Cybersecurity Programs
  • Dublin ETB fined €125,000 for data protection breaches

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.