The Information Commissioner's Office (ICO) has slammed Bay House School in Hampshire for failing to protect personal details of nearly 20,000 persons, including 7,600 students.
The ICO said that the school breached the Data Protection Act by using the same password for its official website and data management system.
The hacker found the password while hacking the school’s website and got access into other databases with the same password. According to the Data Protection Act, different passwords should be used to prevent hack of different databases.
Speaking on the issue, investigating team’s chief Sally Anne Poole said, "While it can be difficult to remember lots of different passwords, it is vitally important that individuals do not use the same password to log-in to data systems that are supposed to be kept secure.”
In the hack, which took place in March this year, the school lost names, addresses, snaps and other personal information of students, their parents as well as teachers.
The school has signed an undertaking with the information authorities to strengthen school’s computer network by employing the best medium to thwart any such data breach in future.
Related News
- School censured for exposing personal data of thousands of people
- LastPass urges users to alter master passwords amid possible hack
- Manchester medical student loses personal data of 87 patients
- Pa. school district to reveal details of webcam spying investigation
- Children Should Walk to School
- Seven Hills West Public School to Be Investigated for Caging Autistic Children
- Hackers steal Sun readers’ details
