Posted by uitg on December 11, 2017

December 1, 2017 Stanford Graduate School of Business potentially exposed the personal information of nearly 10,000 non-teaching staff who were employed throughout the university, as well as confidential financial aid information for MBA students. Another platform exposed a variety of information from several campus offices, including Clery Act reports of sexual violence and some confidential student disciplinary information.

The cause of both breaches was incorrect permissions for file sharing.  The information for the 10,000 records was from a report ran by the HR department several years ago as part of performing salary reviews.  The problem is that the report was not deleted once it was not needed any longer.  Then the information was accidentily shared.  The school could have avoided these issues by

  1. Having a process that checks for file permission changes
  2. By scanning for PII (Persoanlly Identifiable Information) that is not protected.
  3. By having proper policies in place for removal of old report information

Links to source articles:

Breach Date: 

Friday, December 1, 2017

Contact

 

Ultimate IT Guys

112 N Oklahoma
Mangum, OK 73554
Phone: 580.782.2266


Email: contact@ultimateitguy.com

Where To Find Us

 

SWNAHRO Maintenance Conference

Northeast Texas Housing Association Meeting

Southeast Texas Housing Association

North Texas Housing Association Meeting

New Mexico NAHRO Conference

Colorado NAHRO Conference

Kansas NAHRO Conference

SWNAHRO Conference

Texas Housing Association Conference

Oklahoma NAHRO Conference

Central Texas Housing Association Meeting