The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
As universidades coletam e processam uma enorme quantidade de informações de identificação pessoal (PII) no momento do registro e durante as interações com indivíduos. No entanto, as PII dos estudantes podem ser expostas ao público através do upload de documentos juntamente com avisos da universidade sem consentimento e conhecimento, o que pode colocar os indivíduos em risco de uma variedade de golpes diferentes, como roubo de identidade, fraude ou phishing. Neste artigo, realizamos uma análise aprofundada do vazamento de PII de estudantes em universidades vietnamitas. Até onde sabemos, somos os primeiros a realizar um estudo abrangente sobre vazamento de PII de estudantes em instituições de ensino superior. Descobrimos que 52.8% das universidades vietnamitas vazam PII de estudantes, incluindo um ou mais tipos de dados pessoais, em documentos em seus sites. É importante observar que as PII comprometidas incluem tipos sensíveis de dados, dados de estudantes registo médico e religião. Além disso, o vazamento de PII de estudantes não é um fenômeno novo e tem acontecido ano após ano desde 2005. Por fim, apresentamos um estudo com 23 funcionários de universidades vietnamitas que trabalharam em PII de estudantes para obter uma compreensão mais profunda desta situação e prever soluções concretas. Os resultados são totalmente surpreendentes: os funcionários estão altamente conscientes do conceito de PII dos estudantes. No entanto, o vazamento de PII dos alunos ainda ocorre devido aos seus hábitos de trabalho ou à falta de um sistema de gestão e regulamentação. Portanto, a universidade vietnamita deveria tomar uma posição mais ativa para proteger os dados dos estudantes nesta situação.
Ha DAO
NII
Quoc-Huy VO
Sokendai
Tien-Huy PHAM
VNUHCM-UIT
Kensuke FUKUDA
NII,Sokendai
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copiar
Ha DAO, Quoc-Huy VO, Tien-Huy PHAM, Kensuke FUKUDA, "I Never Trust My University for This! Investigating Student PII Leakage at Vietnamese Universities" in IEICE TRANSACTIONS on Information,
vol. E106-D, no. 12, pp. 2048-2056, December 2023, doi: 10.1587/transinf.2023EDP7078.
Abstract: Universities collect and process a massive amount of Personal Identifiable Information (PII) at registration and throughout interactions with individuals. However, student PII can be exposed to the public by uploading documents along with university notice without consent and awareness, which could put individuals at risk of a variety of different scams, such as identity theft, fraud, or phishing. In this paper, we perform an in-depth analysis of student PII leakage at Vietnamese universities. To the best of our knowledge, we are the first to conduct a comprehensive study on student PII leakage in higher educational institutions. We find that 52.8% of Vietnamese universities leak student PII, including one or more types of personal data, in documents on their websites. It is important to note that the compromised PII includes sensitive types of data, student medical record and religion. Also, student PII leakage is not a new phenomenon and it has happened year after year since 2005. Finally, we present a study with 23 Vietnamese university employees who have worked on student PII to get a deeper understanding of this situation and envisage concrete solutions. The results are entirely surprising: the employees are highly aware of the concept of student PII. However, student PII leakage still happens due to their working habits or the lack of a management system and regulation. Therefore, the Vietnamese university should take a more active stand to protect student data in this situation.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2023EDP7078/_p
Copiar
@ARTICLE{e106-d_12_2048,
author={Ha DAO, Quoc-Huy VO, Tien-Huy PHAM, Kensuke FUKUDA, },
journal={IEICE TRANSACTIONS on Information},
title={I Never Trust My University for This! Investigating Student PII Leakage at Vietnamese Universities},
year={2023},
volume={E106-D},
number={12},
pages={2048-2056},
abstract={Universities collect and process a massive amount of Personal Identifiable Information (PII) at registration and throughout interactions with individuals. However, student PII can be exposed to the public by uploading documents along with university notice without consent and awareness, which could put individuals at risk of a variety of different scams, such as identity theft, fraud, or phishing. In this paper, we perform an in-depth analysis of student PII leakage at Vietnamese universities. To the best of our knowledge, we are the first to conduct a comprehensive study on student PII leakage in higher educational institutions. We find that 52.8% of Vietnamese universities leak student PII, including one or more types of personal data, in documents on their websites. It is important to note that the compromised PII includes sensitive types of data, student medical record and religion. Also, student PII leakage is not a new phenomenon and it has happened year after year since 2005. Finally, we present a study with 23 Vietnamese university employees who have worked on student PII to get a deeper understanding of this situation and envisage concrete solutions. The results are entirely surprising: the employees are highly aware of the concept of student PII. However, student PII leakage still happens due to their working habits or the lack of a management system and regulation. Therefore, the Vietnamese university should take a more active stand to protect student data in this situation.},
keywords={},
doi={10.1587/transinf.2023EDP7078},
ISSN={1745-1361},
month={December},}
Copiar
TY - JOUR
TI - I Never Trust My University for This! Investigating Student PII Leakage at Vietnamese Universities
T2 - IEICE TRANSACTIONS on Information
SP - 2048
EP - 2056
AU - Ha DAO
AU - Quoc-Huy VO
AU - Tien-Huy PHAM
AU - Kensuke FUKUDA
PY - 2023
DO - 10.1587/transinf.2023EDP7078
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E106-D
IS - 12
JA - IEICE TRANSACTIONS on Information
Y1 - December 2023
AB - Universities collect and process a massive amount of Personal Identifiable Information (PII) at registration and throughout interactions with individuals. However, student PII can be exposed to the public by uploading documents along with university notice without consent and awareness, which could put individuals at risk of a variety of different scams, such as identity theft, fraud, or phishing. In this paper, we perform an in-depth analysis of student PII leakage at Vietnamese universities. To the best of our knowledge, we are the first to conduct a comprehensive study on student PII leakage in higher educational institutions. We find that 52.8% of Vietnamese universities leak student PII, including one or more types of personal data, in documents on their websites. It is important to note that the compromised PII includes sensitive types of data, student medical record and religion. Also, student PII leakage is not a new phenomenon and it has happened year after year since 2005. Finally, we present a study with 23 Vietnamese university employees who have worked on student PII to get a deeper understanding of this situation and envisage concrete solutions. The results are entirely surprising: the employees are highly aware of the concept of student PII. However, student PII leakage still happens due to their working habits or the lack of a management system and regulation. Therefore, the Vietnamese university should take a more active stand to protect student data in this situation.
ER -