AN INVESTIGATION has been launched after personal details of nearly 800 Edge Hill University students were sent out in an email.
The email, sent by a university staff member to 53 students, mistakenly contained 798 other students’ addresses, email addresses, course enrolment details and student network passwords.
The university told the Advertiser that on discovering the breach it had “immediately implemented its breach management recovery plan” and the students involved have been informed and offered support and advice.
But those affected have raised concerns over possible plagiarism and the fact their home addresses have been revealed.
A 50-year-old postgraduate student, on the second year of her MA, said: “I’m really upset as I’m working on a dissertation and have been sending confidential research data to my tutor through my university email.
“I have asked for more information and want to know what they will do for people like me that could be subject to plagiarism now.”
The university has informed the Information Commissioner’s Office (ICO) of the breach.
An ICO spokesperson said: “We will be making enquiries into the circumstances of the alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken.”
If found to have violated the act, the university could face a fine of up to £500,000.
An Edge Hill spokesperson said: “The university became aware of a breach of its data protection policy late on the afternoon of September 30.
“Once discovered, the university immediately implemented its breach management recovery plan and students were contacted on October 4 and 5. Although with this sort of breach there is no legal requirement to contact the students, the university did so and all were contacted within three working days. “Support and advice was provided to the students to deal with the associated risks of the data loss.
“The university's preliminary investigation indicates that this issue is an isolated incident and due to human error.”
Colin Gibson, president of the university's student union, said: “It’s a very serious issue for the students involved. Obviously they will have concerns about security of their data and personal information. Hopefully the university will deal with these concerns and ensure something like this doesn’t happen again.”