Teiss
Dutch University Exposes Personal Data for Nearly a Year via Power BI Tool
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Avans University of Applied Sciences revealed a yearlong exposure of sensitive personal data through its internal management reporting tool, AMIGO, built on Microsoft Power BI. The breach originated from a configuration change on June 30, 2025, allowing unauthorized access to data traceable to individuals. The issue was discovered by an employee on June 8, 2026, prompting immediate action to close the vulnerability and notify affected individuals. The university reported the incident to the Dutch data protection authority and has initiated an internal investigation to understand why the exposure went undetected for so long. While the university has not disclosed the specific types of personal data exposed, it confirmed that the data was sensitive in nature. Avans maintains that there is no evidence of data misuse and that the incident was not the result of a cyberattack. The responsibility for securing the data lies with the university, despite Microsoft owning the Power BI platform.
Key Points: • Avans University exposed sensitive personal data for nearly a year due to a configuration error. • The breach was discovered by an employee on June 8, 2026, after going unnoticed since June 30, 2025. • The university has launched an investigation and reported the incident to national privacy regulators.