Personal Data Of Students Exposed On University Of York Website-ca1835

Security In yet another data breach incident, personal details of 148 students were published on the website of University of York. The details revealed include date of births, addresses, mobile phone numbers and A-level results. The breach occurred last week. It is still not known whether the incident was caused by a disgruntled employee of the University, occurred inadvertently or was caused by a security flaw on the website. Information security professionals of the University are investigating the data breach incident. The University has reported the data breach incident to the Information .missioners Office (ICO). Students enrolled in undergraduate, postgraduate and pursuing part-time studies are alleged to be affected by the data breach incident. Financial penalties and legal sanctions could be imposed if the University is found to have violated the Data Protection Act, 1998. If investigations by ICO reveal that Data Protection Act has been violated, then the office has the authority to impose penalties up to 500,000 GBP on the concerned organization. The University has initiated the process of notifying the affected students. Universities are responsible for maintaining the integrity and confidentiality of the information pertaining to students, faculty members, existing and retired employees. Data breach could have severe personal, financial and legal implications for the affected individuals. Malicious individuals could use the revealed information to misrepresent, .mit identity fraud, apply for fake student loans, redirect mail and gather further personal information. Online IT courses and video tutorials could be used to educate employees on cyber security tips and implications of security breach incidents. The University has apologized to the affected students and announced that it would conduct an exhaustive review of the data security mechanisms. Hiring professionals qualified in IT degree programs, penetration testing and other security certifications would help organizations in identifying and weeding out security flaws. The IT policy of organizations must provide for regular in-depth security evaluation of the information infrastructure and the same must be implemented. Security audit of websites at regular intervals is crucial to identify and mitigate weaknesses, which could cause data exposure. Data breach incidents may have business, financial and reputational implications for organizations. As such, they must place high emphasis on information security. User access must be restricted on .puters containing privileged databases. IT professionals must also keep track of the security updates from developers for timely application of appropriate security patches. Refresher sessions, online IT degree and e-learning programs could help security professionals in keeping abreast of the evolving data protection technologies and monitoring mechanisms. About the Author: 相关的主题文章: