Quick Facts

• Date: 3/20/2006
• Institution: Canterbury University
• Type of Incident: Unauthorized disclosure
• Number Affected:
• Source: INFOSEC Year In Review
• Abstract Source: RISKS 24.17

Abstract

(Abstract by Andrew King, taken from RISKS 24.17)
Thousands of [AU] Canterbury University students had their personal information exposed when online services were shut down leaving private records available to anyone with a user code and password last night. Information such as IRD numbers, transcripts, results, outstanding payments, medical conditions, and personal addresses could all be easily accessed online and could be changed by system users. The university's information technology department shut down the webfront. The university had installed a new online system late last year but there had not been any problems until now. [Source: *New Zealand Herald*, 20 Feb 2006; PGN-ed] http://www.nzherald.co.nz/section/story.cfm?c_id=1&ObjectID=10369269