A university says it regrets breaching the privacy of vulnerable students who'd received counselling.
Dozens of Massey University students' email addresses and names were visible in the message sent last month, in what the Privacy Commissioner's office called a clear breach of private information.
A Massey administrator in Wellington carbon-copied 68 recipients in the email, asking recipients to give feedback to develop "an even better counselling service" for students in the future.
A majority of these email addresses made the individuals identifiable, and also made it clear they'd received counselling this year.
Massey University this morning said the incident should not have happened and it had apologised to two recipients who'd pointed the error out to the University.
"The staff member realised her mistake and consulted the manager. Two recipients pointed out the error and received apologies," a spokesman said this morning.
"This should not have happened and we have put changes in place ... to ensure that it doesn't recur, including additional training in privacy procedures for staff.
"Massey University regrets the incident," he added.
"We have notified the Office of the Privacy Commissioner of what occurred and the actions taken to ensure it does not recur."
A 21-year-old who received the email after having counselling earlier this year told NZME News Service she was horrified.
"It's so uncomfortable to know there are people that know I have been to see a counsellor."
Privacy Commissioner spokesman Charles Mabbett encouraged students to approach Massey University's Student Health and Counselling services to address the issue.
"Many people on this list probably have good reason to not broadcast the fact they are receiving counselling," Mr Mabbett said.