22 Mär
2019
22 Mär
'19
14:15
Hi all,
Just happened: "Login details exposed online due to Elsevier data breach" as published yesterday in our university magazinehttps://www.erasmusmagazine.nl/en/2019/03/21/login-details-exposed-online-due-to-elsevier-data-breach/?noredirect=en_US.
A few hours later, library director comes to me: Do we exchange personal information to Elsevier? Hmm, IP address based: No. Also SSO: [check] only pseudo identifier. Answer: No, non PII.
One hour later, email from DPO: Please explain what do we exchange to Elsevier? Blabla, transient identifier bla bla... "Alright, great!"
We happy, but Elsevier should be happy too! (about us at least;)
Conclusion: Security is an important topic in our recommendations too...
Have a good weekend! Jos