Programming Flaw Exposes Applicant Information

By Adam Dodge - Posted on July 6th, 2005
Quick Facts
Date: 7/6/2005
Institution: University of Southern California
Type of Incident: Unauthorized disclosure
Number Affected:
Source: INFOSEC Year In Review
Abstract Source: The Register via RISKS
Abstract
A programming error in the University of Southern California's online system for accepting applications from prospective students left the personal information of ``hundreds of thousands of records'' publicly accessible. The flaw was discovered by a student in the process of applying.
[Abstract by Peter G. Neumann taken from RISKS 23.93]