USYD 'failed to secure students' data' (1 Viewer)

Rafy

Retired
Joined
Sep 30, 2004
Messages
10,719
Gender
Female
HSC
2005
Uni Grad
2008
Australian university failed to secure students' data and broke law: Privacy Commissioner

A Sydney university "did not take the appropriate steps to ensure the security of students' personal information", the NSW Privacy Commissioner has found.

Earlier this year Fairfax Media, publisher of this website, reported that the detailed records of thousands of University of Sydney students past and present were being stored online where they could be easily downloaded and read via an internet connection without a password.

Details openly available on the university's site included a student's full name, residential address, email address, which courses he/she studied and how much the course cost.

The Fairfax report sparked an investigation by the NSW Privacy Commissioner, which late yesterday released a two-page finding that said the university had breached the Privacy and Personal Information Protection Act 1998.

"The investigation into this matter has revealed that the university did not meet its obligations under New South Wales law," acting Privacy Commissioner John McAteer said.

A "programming error" allowed for "direct access to student records without the need for a password", he said.[...]
 

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

Top