14 terabytes of “highly confidential” about 5,120 financial aid applications over seven years were exposed in a breach at Stanford’s Graduate School of Business — proving that the school “misled thousands of applicants and donors about the way it distributes fellowship aid and financial assistance to its MBA students,” reports Poets&Quants.

The information was unearthed by a current MBA student, Adam Allcock, in February of this year from a shared network directory accessible to any student, faculty member or staffer of the business school. In the same month, on Feb. 23, the student reported the breach to Jack Edwards, director of financial aid, and the records were removed within an hour of his meeting with Edwards. Allcock, however, says he spent 1,500 hours analyzing the data and compiling an 88-page report on it…
Allcock’s discovery that more is being used by Stanford to entice the best students with financial backgrounds suggests an admissions strategy that helps the school achieve the highest starting compensation packages of any MBA program in the world. That is largely because prior experience in finance is generally required to land jobs in the most lucrative finance fields in private equity, venture capital and hedge funds.
Half the school’s students are awarded financial aid, and though Stanford always insisted it was awarded based only on need, the report concluded the school had been “lying to their faces” for more than a decade, also identifying evidece of “systemic biases against international students.”
Besides the embarrassing exposure of their financial aid policies, there’s obvious lesson, writes Slashdot reader twentysixV. “It’s actually way too easy for users to improperly secure their files in a shared file system, especially if the users aren’t particularly familiar with security settings.” Especially since Friday the university also reported university-wide file-sharing platform had exposed “a variety of information from several campus offices, including Clery Act reports of sexual violence and some confidential student disciplinary information from six to 10 years ago.”


Share on Google+

Read more of this story at Slashdot.

Related posts: