Stanford College disclosed an information breach after information containing Economics Ph.D. program admission data had been downloaded from its web site between December 2022 and January 2023.

Final week, the college despatched information breach notification letters to those that submitted private and well being data as a part of the graduate software to its Division of Economics, informing them that their information was accessed with out authorization.

“On January 24, 2023, Stanford was notified {that a} folder containing the 2022-23 software information for admission to Stanford’s Division of Economics’ Ph.D. program was accessible by means of the division’s web site due to a misconfiguration of the folder’s settings,” the college instructed affected people.

“We promptly investigated this matter, which revealed that the unrestricted entry to the functions started on December 5, 2022, and that there have been two downloads of the appliance supplies between December 5, 2022, and January 24, 2023.”

The data uncovered because of this breach contains software and accompanying supplies, together with names, dates of delivery, dwelling and mailing addresses, telephone numbers, e-mail addresses, race and ethnicity, citizenship, and gender.

Monetary and social safety information not uncovered

Some supplies submitted throughout the Ph.D. software course of additionally included candidates’ well being data. Social Safety Numbers and monetary information weren’t uncovered throughout the incident as a result of software information didn’t comprise such a information.

Stanford instantly blocked entry to the information as soon as it came upon concerning the unintentional publicity. For the time being, the college mentioned that it discovered no proof that the downloaded data has been misused.

“The confidentiality, privateness, and safety of non-public data are amongst our highest priorities, and we’ve safety measures in place to guard such a data,” Stanford added.

“In response to this incident, we’re updating our processes and insurance policies associated to digital file storage safety and will probably be retraining school and employees on the insurance policies.”

This incident follows an April 2021 information breach disclosed after the Clop ransomware group leaked paperwork stolen from Stanford College of Medication’s Accellion File Switch Equipment (FTA) platform.

Information revealed on-line by the Clop cybercrime gang after the 2021 assault included names, addresses, e-mail addresses, Social Safety numbers, and monetary data.

A Stanford spokesperson was not instantly accessible for remark when contacted by BleepingComputer earlier immediately.