Helsinki University reports student data breach regarding Palestine movement

A personal data breach has occurred at the University of Helsinki where the Faculty of Science students' names were collected from a Moodle platform into an Excel file, said the university in a press release on Wednesday.

It is possible that similar data acquisition has taken place at other faculties as well, the press release added.

The University was informed of the breach on 13 April 2026.

The file concerned contained student names and study tracks, together with information indicating whether individual students had signed the open letter or initiative associated with the Students for Palestine movement.

The data did not include personal identity codes, student numbers or contact details. The file contained the data of over 2,000 students.

On 22 April, all University students whose data were included in the file and for whom contact details were available were informed of the breach.

Forty individuals, however, could not be reached.

The University of Helsinki is firmly committed to data protection and the breach was reported to the Office of the Data Protection Ombudsman on April 17.

To prevent further such data collection, students have been temporarily restricted from viewing their course participant list in Moodle.

Course participants could previously see each other's names, as this was considered beneficial for study completion, facilitating, for example, the planning and coordination of group work.

As the file refers to the Students for Palestine movement, the movement has been contacted and requested, should it be responsible for the data collection, to cease such collection immediately and delete the data acquired.