From the press release (pdf) from the Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has taken regulatory action against the University of Manchester following a breach of the Data Protection Act. The personal records of over 1,700 students, including information on some students’ disabilities, were published when a member of the university staff had…
Category: Exposure
VA: Personal info revealed on receipt
Andy Fox of WAVY reports that customers of Miller’s Neighborhood Market Shell Station may have had their debit or credit cards exposed to other customers when an employee replaced a roll of paper in the receipt machine with a roll that already contained customer receipts showing full debit and credit card numbers. The previously recorded…
IL: Filesharing responsible for exposure of personal info from state agency
John O’Connor of the Associated Press reports that AP obtained a memo suggesting that an Illinois state employee downloading music to a laptop computer was responsible for inadvertently sharing sensitive Illinois Department on Aging information such as employees’ Social Security numbers. About 170 employees may have been affected.
UK: Barclaycard apologises to widow for 317-strong letter error
Gill Montia of Banking Times reports: Barclaycard has had to apologise to a Mrs Sandra Grant of Erith in Kent, after sending her 317 letters in one day. The recently widowed 55-year-old said it took her all morning to open the post, which contained details of various Barclaycard customers, including account numbers, names and amounts…
UK: Anonymity proves grey area for IDScan
John Ozimek of The Register reports: Security software provider IDScan has been left red-faced after a page of supposedly anonymous details of ID cheats on its website turned out not to have been anonymised after all. […] To protect the anonymity of the individuals depicted, IDScan has helpfully left their photos visible but greyed out…
TX: TWU shuts down, secures computer system after student finds way to access adviser reports
Candace Carlisle of the Denton Record-Chronicle reports that a student at Texas Woman’s University discovered that he could access the uni’s Degree Audit Report System. DARS does not contain student identifiers, but it does contain a copy of students’ names, courses, and grades. Exposure of such information may be a FERPA violation, but based on…