University of Greenwich launches investigation after student details leaked online in ‘breach of Data Protection Act’

For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails

Sign up to our free breaking news emails

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

The University of Greenwich has apologised to students and announced it will be conducting an investigation after personal details about hundreds of students were posted online in an “apparent breach of data privacy laws.”

In an investigation undertaken by the BBC - which was approached by a student who said details could be accessed via a simple Google search - students’ details, including names, addresses, dates of birth, mobile phone numbers, and signatures were all uploaded to the university’s website.

As well as this, the site reported how, in some cases, medical details - including mental health issues - were referenced as a way of explaining why some students had been falling behind on their coursework.

Also posted were minutes from the university department which oversees registrations and the progress of research students, as well as staff comments regarding student progress.

In one case, BBC News reported how one Middle Eastern student “was put at great risk” after it was disclosed the student had a sibling who was fighting in an army in the region, where references were made to “an asylum application.”

In an email to the Independent, university secretary Louise Nadal said she was “very sorry” that personal information about a number of postgraduate research students has been accessible on the university web site. She added: “This was a serious, unprecedented error, in breach of our own policies and procedures. The material has now been removed.

“We are now acting urgently to identify those affected. I will be contacting each person individually to apologise and to offer the support of the university.

“At the same time, I am also conducting an investigation into what went wrong. This will form part of a robust review, to make sure that this cannot happen again. The findings and recommendations of the review will be published.”

Ms Nadal also added the university is “committed” to protecting confidential data, adding: “We are co-operating fully with the Information Commissioner and will take all steps necessary to ensure we have the best systems in place for the future.”

An another email from the Information Commissioner’s Office - responsible for the enforcement of the Data Protection Act as well as for Freedom of Information - a spokesperson said: “We’re aware of an incident at Greenwich University and are making enquiries.”

According to a legal expert who spoke with BBC News, the university could face a financial penalty of up to £7.8m under new rules which look set to be adopted in Brussels next month.