Pembroke College data leak
data leak and data breach compensation

Pembroke College data leak

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

The news of a Pembroke College data leak has recently been reported after it emerged that private details relating to the college’s alumni were made vulnerable to unauthorised access. Users with access to the college’s single sign-on system were reportedly able to access extensive personal information on the former Oxford University students who were hosted at Pembroke College, according to Cherwell.

All organisations that process and store personal data have a legal duty to protect it in accordance with the GDPR. Where they fail to do so, they can be held liable for a data protection breach. In some cases, the affected victims can also be eligible to make compensation claims for the harm caused.

Although it appears that the alumni information was not exposed outside the organisation, the incident at Pembroke College nevertheless demonstrates the problems with failing to manage data access appropriately.

The Pembroke College data leak

As part of a 2021 telethon designed to obtain donations from alumni, Pembroke College is understood to have held a range of details to allow telethon workers to contact these former Oxford University students. However, the Pembroke College data leak led to the records of this telethon being open for access by employees outside the authorised team.

Cherwell reports that the compromised information included full names, addresses, phone numbers, and ages of college alumni. It is also understood to have included notes taken during the calls, and details about donations that have previously been made by named individuals.

Pembroke College has stated that the technical issue in the system that holds alumni and donor data, which it says has since been resolved, arose when the site was first created. It has also said that those who accessed the data without the appropriate authorisation have been identified and warned against misusing information.

Limiting data access within organisations

In its privacy policy, Pembroke College says that only those who require certain data for their job role and duties are given access privileges. However, the Pembroke College data leak indicates a significant failure to appropriately limit access to information.

According to the GDPR, employees should only be allowed to access personal information for specific work-related purposes, and for purposes that reflect the reasons for which the data was disclosed. The alumni of Pembroke College would likely not have been aware that their data would become freely accessible across the university without good reason.

The issue was deemed to be serious enough to report to the Information Commissioner’s Office (ICO), which investigates potential data protection breaches. While the damage caused by the incident may have been limited, those affected by the Pembroke College data leak may well have lost trust in the organisation.

Growing data breach claims

Anyone who has been affected by a data breach in which an organisation has mismanaged access to data could be eligible to make a compensation claim. We are seeing more and more of these types of incidents where simple flaws or oversights have resulted in a wealth of information being leaked. In the worst cases, private and sensitive data can be leaked which can cause significant distress to the victims.

All organisations have a duty to protect the information that they store and process, and we continue to see more and more breaches and more and more people claiming. Things, as they stand, do not seem to be getting any better despite the GDPR being introduced.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon