The private data of students at Stanford University was exposed after someone changed a numeric ID in a URL that had been distributed to students who requested access to review their own files, according to The Stanford Daily.
In total, 93 students have been notified that their privacy was compromised. According to the report, a university student made a Family Educational Rights and Privacy Act (FERPA) request to view their admissions documents, not at all unusual.
A Stanford student reportedly found the vulnerability in a third-party system called NolijWeb, a content management system that the university has used to host scanned files since 2009.
By Kacy Zurkus