Emily Tate reports that a vendor in the higher education space exposed more than 1 million potential college applicants’ information due to a misconfigured rsync backup:
The data — which included names, phone numbers, email addresses, home addresses, high school graduation years and, in a few cases, dates of birth and Social Security numbers — was left publicly accessible for at least several weeks in January and February, according to Chris Vickery, director of cyber risk research at the cybersecurity firm UpGuard.
Gregory Gragg, CEO of Target Direct Marketing (TDM), the lead-generation company that holds and manages the information in question, confirmed the data exposure to EdScoop.
Read more on EdScoop.