Police investigate University of South Wales data breach

'Limited' data breach not reported to the ICO as yet, but the police have been notified

Keyboard with dragon

Police are investigating a data breach at the University of South Wales right in the middle of its exam period.

Though the breach is said to be "limited" it has been passed onto the South Wales Police who are understood to be investigating what has been done with the data.

"The University of South Wales has referred a limited data breach to South Wales Police," a spokesperson from the university said. "We have taken immediate action to secure the University's systems to ensure that there are no further breaches."

The University, which has campuses in Cardiff, Newport and Pontypridd and over 30,000 students, has taken down its student record system, according to Wales Online. The breach happened on Wednesday and one member of the university said that passwords to all staff accounts were later wiped.

IT Pro has contacted both the South Wales Police and the ICO for confirmation of the breach, as yet the university hasn't informed the latter of the 'limited' incident.

Under the GDPR, its the responsibility of the organisation breached as to whether or not it should be reported. Given that the breach happened on Wednesday, South Wales University is still within the 72-hour timeframe for reporting to the ICO.

In February it was revealed that nearly 60,000 data breaches were reported since the GDPR legislation came into force in May 2018. The breach reports came from a wide range of companies and organisations highlighting the scope for hackers to steal sensitive information.

This is not the first time a university has suffered sensitive data breaches. In 2017, information collected by The Times suggested that UK universities were letting through hundreds of cyber attacks a year, with hackers landing 1,152 attacks.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Most Popular

How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
The fate of Parler exposes the reality of deregulated social media
Policy & legislation

The fate of Parler exposes the reality of deregulated social media

14 Jan 2021
Should IT departments call time on WhatsApp?
communications

Should IT departments call time on WhatsApp?

15 Jan 2021