Lancaster University Students’ Union has reported a data breach at LUSU living this evening. They have clarified that the data pertained to landlords and properties but did not include tenants’ information.
The statement on Lancaster SU’s website reads:
Lancaster University Students’ Union has referred itself to the Information Commissioner (ICO) regarding a data breach.
In an exchange of emails with a student a file was accidentally attached that contained data concerning landlords that the Students’ Union works with through LUSU Living.
The Students’ Union has taken immediate action to minimise the breach and ensure that the file has been deleted.
Nevertheless, the incident is serious enough to require that we inform the Information Commissioner of the breach. We will fully cooperate with the ICO in any inquiries they make and any recommendations that result from any investigation.
We have informed all of those potentially affected by the breach. We would like to apologise to them for any inconvenience that it might have caused them and assure them we are working to minimise any impact.
We want to reassure all our tenants that their data is safe. The possible breach involved information about landlords and properties but did not include information about tenants.
We will update everyone affected by this incident as it develops.
This incident is the second at Lancaster University in a twelve-month period, following security breach‘s between the 19th– 20th July 2019 where current student identification data and 2019 and 2020 undergraduate applicant data were accessed by third parties.
An SU Spokesperson released the following statement to SCAN:
“This is a regrettable case of human error. As soon as we became aware of it we took immediate action to mitigate the breach and referred ourselves to the Information Commissioner’s Office. We have informed all of those affected of the situation. We will cooperate with the ICO in any inquiry and subsequent recommendations.”
SU Spokesperson
This is an ongoing story.
