Tim Asimakis reports:
Thousands of students were today contacted by Duncan Ivison, Dean of the Faculty of Arts and Social Sciences, and informed that, due to an an information security breach, their personal information could now be in the hands of hackers. According to the email, the University’s Information Security Team identified that the ORSEE application (Online Recruitment System for Economic Experiments) had been accessed by an unknown party on February 2.
The personal information that ORSEE stored included the name, contact details, and gender of 5,000 students, many of who had applied to be involved in the University’s economic experiments.
The Information Security Team were first made aware of a vulnerability in the software thanks to a tip off from another University on February 6. However, it was not until February 10 that the Security Team disabled ORSEE, eight days after the unauthorised person had broken into the database.
Read more on Honi Soit.
Update: see this post.