Thousands of Harvard University student and faculty email messages were accessible to the public for years, compromising student grades and financial data, the Harvard Crimson reported yesterday.
Both students and administrators have used email lists hosted by the Harvard Computer Society to create email lists that are available to the public unless explicitly made private. According to the HCS website, Harvard student groups use their servers.
The Crimson reported that over 1.4 million emails sent via HCS services were open to the public until earlier this week.
The presence of student academic information in these emails is particularly problematic because the discussion of grades, even if unintentional, potentially represents a violation of the Family Educational Rights and Privacy Act. One student also told the Crimson she was concerned because messages between members of LGBTQ groups were public, and that students could be "outed against their will.”
Since this revelation, HCS has restricted access to the archives of all existing lists with private membership lists, and emailed all list administrators urging them to check their privacy settings and temporarily shut down their public list index.
All comments eligible for publication in Daily Pennsylvanian, Inc. publications.