“On Wednesday morning, an employee discovered two forced doors and violated computers,” says Wolfhagen. The burglary took place on the fourth floor, at the department of Education Development and Research, in offices with several workplaces and so also several computers. Wolfhagen: “It is speculation, but maybe the burglar thought to hit big in one fell swoop? Thinking that the disks might sell for a handsome sum?” At the same time, she thinks it is “strange” that two “random” rooms were selected on the fourth floor.
So was it actually random? It is not unthinkable that this was a search for sensitive information, for example research results or exam data. Wolfhagen: “We do not store any exam questions or answers. That goes through another route. But work is indeed being carried out on student portfolios and the related feedback, programme evaluations, so how students have experienced a course, how they felt the lecturers or tutors performed. We also process information on courses for lecturers within the framework of professionalisation. I’m wondering: how could that be interesting?”
The stolen hard disks do not contain any confidential or privacy-sensitive information, such as names, addresses and telephone numbers, says Wolfhagen. “At the most, a few photographs of the employees themselves. All important matters are stored on network disks, which are protected.” According to Maastricht University’s protocol, the burglary was reported to Raoul Winkens, data protection official at the UM, and security officer Bart van den Heuvel. “They concluded that there had not been a data leak. To be on the safe side, we have changed all our passwords within the department. Just in case there was anything.”
Paul van Eekeren, head of security at the UM, suspects that the culprit(s) stayed inside the building after it was locked. “The alarm didn't go off.” The burglar most likely exited through a window on the ground floor, at Zuyd University's Midwifery department. “This window was found to be open,” says Van Eekeren.