Candace Carlisle of the Denton Record-Chronicle reports that a student at Texas Woman’s University discovered that he could access the uni’s Degree Audit Report System. DARS does not contain student identifiers, but it does contain a copy of students’ names, courses, and grades. Exposure of such information may be a FERPA violation, but based on the media report, the university did not seem particularly apologetic about the breach. There is no statement as to how long that loophole existed or how many unauthorized persons may have accessed any or all of 12,000 students’ grades. Nor is there any statement on TWU’s web site. Instead, TWU focuses on reassuring students that the loophole is now closed and it warns those who would misuse the portal (or take advantage of any future security problems or loopholes?).
hat-tip, ESI