Student Loans Company leaks 8,000 students' e-mail addresses

Student e-mail addresses were mistakenly released by the Student Loans Company, a division of the Department for Business, Innovation and Skills

Student e-mail addresses have been released by the Student Loans Company, a division of the government's Department for Business, Innovation and Skills.

The details of more than 8,000 students were mistakenly sent out by the quango as part of a mass e-mail distribution following a blunder by staff, according to the Telegraph.

The e-mail addresses of all students on the distribution list were sent out as an attachment to an e-mail message reminding students to complete their grant application forms.

The Student Loans Company said the breach was an administrative error. It said it had contacted all students involved to assure them no other personal data was shared.

"The integrity and security of student accounts and the protection of personal information is vital to us and we apologise to all of the students involved," the Student Loans Company said in a statement on its website.

But privacy campaigners said the breach illustrated the dangers of storing personal details on electronic databases.

Nick Pickles, director of Big Brother Watch, said: “Just because this information didn’t contain bank details, it doesn’t mean it isn’t useful to people."

In February, the Metropolitan Police exposed the e-mails of more than a 1,000 crime victims.

The victims, mostly of theft or criminal damage, were e-mailed as part of a survey into whether victims felt they were receiving a better service, after the introduction of a single telephone number for an investigation unit in London.

But instead of entering the e-mail addresses in the blind carbon copy (Bcc) field, they were entered in the carbon copy (Cc), which meant the addresses were visible to everyone else on the list.

The e-mails were sent in seven batches, meaning between 118 and 197 other people saw each e-mail address.

A Met spokesman said: "No other personal details were revealed and we are contacting everyone affected to explain what happened and to apologise." The matter was referred to the Information Commissioner’s Office (ICO), he said.

Read more on Privacy and data protection