‘Confidential’ Student Data Leaked By Coventry University


Coventry University has been placed under investigation after confidential data of students was leaked to around 2,000 people. The University responded by apologising for a ‘security breach’, before addressing the concerns of affected students by stating no passwords, residential or financial-based information had been linked. Given the importance of data protection in a technology-dominated era, it was inevitable that an investigation would be launched. But how did it happen? Read on for the full story.


Coventry University appeared to fail in their duty to secure confidential student information


The debacle started in November 2017, when an email was accidentally circulated to 1,930 students. This email unfortunately contained an attachment that contained details of confidential student information. What such a sensitive attachment was doing being included in any email raises some serious questions, but the fact such a careless mistake was made beggars belief. Two months after the email was sent, affected students received an email last week, which informed them of the breach.




The Information Commissioner’s Office (ICO) are responsible in the United Kingdom for enforcing data protection laws. They also have the power to take legal action when an organisation fails in their legal duty to protect confidential information. Fines can total up to £500,000, while prosecutions are possible. Unsurprisingly, the ICO have launched an investigation into this case. Confidential information being leaked can have serious ramifications – especially in this technology-based era.


Organisations are supposed to have safeguards that protect any confidential data that they have. According to the Coventry Telegraph, the University responded by saying the attachment contained ‘University email addresses’, with ‘no passwords, financial or residential details’ being disclosed. The University also apologised, and stated that they had provided advice to affected students. Despite the apology, the damage has clearly been done. Fortunately, it seems no compromising data has been included.




While this doesn’t appear to have been done maliciously, it is still worrying that such an action can happen. As mentioned, a document which includes such sensitive information arguably shouldn’t be sent via email in any case, only adding to the disappointment surrounding this case. Hopefully there won’t be long-term ramifications of this leak for the students involved.





Thanks for reading. UniEel is on Facebook and Twitter.