BreachExchange mailing list archives
Security Breaches Expose Thousands of Hong Kong Students' Personal Data
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Mon, 21 Jan 2013 13:11:22 -0500
http://www.esecurityplanet.com/network-security/security-breaches-expose-thousands-of-hong-kong-students-personal-data.html Hong Kong's Office of the Privacy Commissioner for Personal Data (PCPD) recently announced that the personal information of as many as 8,505 students at several different schools has inadvertently been exposed online. "The breach involved two primary, seven secondary and two tertiary institutions," writes The South China Morning Post's Phila Siu. "Data from the nine schools included names, e-mail addresses, student reference numbers and telephone numbers. Most of the information was in contact lists for school clubs and alumni." "According to the PCPD, it started compliance checks on 12 schools alleged to have exposed student data online according to a media report last April," Computerworld reports. "The results confirmed that 9 of the 12 schools had inadvertently exposed personal information on their web sites." "Bearing in mind that we have only spent a limited amount of our time in the exercise and our search was only based on some unsophisticated means, the extent of the cyber security problem we have identified is disproportionate," Privacy Commissioner for Personal Data Allan Chiang said in a statement. "It reflected a serious lack of vigilance and adequate security measures on the part of the educational institutions in safeguarding personal data." _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Security Breaches Expose Thousands of Hong Kong Students' Personal Data Erica Absetz (Jan 21)