University staff data compromised in breach

By Blundell 

Confidential University data has been compromised as a result of a data breach from a supplier.

The University has confirmed that Sodexo, the supplier of the My Durham benefits portal, have had names, emails and home addresses of all Durham University staff taken from its site.

In an email to staff, the University has said it is “taking this matter very seriously”.

Sodexo has contacted all those impacted by this breach directly.

Data breaches such as this are evermore common since the tightening of data protection laws following the review of the GDPR.

The Durham University website includes a page instructing users on what to do in the case of such a data breach, which it defines as, a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, data. It instructs that, in such an incident, victims should contact the CIS.

Jennifer Sewel, University Secretary (Data Protection Officer), said: “The University is continuing conversations with Sodexo to obtain assurances of future security of information, which conform to the high standards of information security expected of it.

“We take our own responsibilities for information security very seriously and use a variety of organisational and technical measures to protect personal data, such as policy, training, guidance, as well as relevant technology-based controls for University systems and devices.”

Photograph: Defense Advanced Research Projects Agency via Wikimedia Commons.

Leave a Reply

Your email address will not be published.

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.