A series of cybersecurity vulnerabilities at Stanford University exposed thousands of sensitive files containing details of sexual assault investigations, disciplinary actions and more. The details of what happened—and why it should be an object lesson for higher education. A special three-part blog series.
Craig A. Newman of Patterson Belknap writes:
Part 1
In three separate data security incidents over the past year at Stanford University, thousands of digital files were left exposed for months – perhaps longer – that contained details of sexual assault investigations, disciplinary actions and financial aid decisions on the school’s campus-wide IT network.
In a post Friday, the school admitted that “misconfigured permissions” – the gateways used to access databases and files – on two of the school’s file-sharing programs exposed “reports of sexual violence and some confidential student disciplinary information from six to 10 years ago” and “the personal information of nearly 10,000 non-teaching staff who were employed throughout the university in August 2008, as well as confidential financial aid information for MBA students.”
Read more on Patterson Belknap Data Security Law Blog.