Posted by uitg on December 11, 2017

December 1, 2017 Stanford Graduate School of Business potentially exposed the personal information of nearly 10,000 non-teaching staff who were employed throughout the university, as well as confidential financial aid information for MBA students. Another platform exposed a variety of information from several campus offices, including Clery Act reports of sexual violence and some confidential student disciplinary information.

The cause of both breaches was incorrect permissions for file sharing.  The information for the 10,000 records was from a report ran by the HR department several years ago as part of performing salary reviews.  The problem is that the report was not deleted once it was not needed any longer.  Then the information was accidentily shared.  The school could have avoided these issues by

  1. Having a process that checks for file permission changes
  2. By scanning for PII (Persoanlly Identifiable Information) that is not protected.
  3. By having proper policies in place for removal of old report information

Links to source articles:

Breach Date: 

Friday, December 1, 2017


Mail Protector
Huntress Labs
Malwarebytes Reseller
Quad9 Banner
Fortinet Logo
Microsoft Partner Logo
ID Agent Partner
ASCII Group Logo
Bitdefender Partner Logo
HP Logo




Ultimate IT Guys

112 N Oklahoma
Mangum, OK 73554
Phone: 580.782.2266


Where To Find Us


SWNAHRO Maintenance Conference

Northeast Texas Housing Association Meeting

Southeast Texas Housing Association

Missouri NAHRO Conference

Texas NAHRO Conference

Top of Texas Housing Association 

Big Country Housing Association

North Texas Housing Association Meeting

New Mexico NAHRO Conference

Colorado NAHRO Conference

Kansas NAHRO Conference

SWNAHRO Conference

Texas Housing Association Conference

Oklahoma NAHRO Conference

Central Texas Housing Association Meeting

NorthEast Texas Housing Association