Applicants to Economics PhD program notified of data security incident
Stanford has notified 897 people who applied to the PhD program in the Department of Economics for 2022-23 admission about a data security incident involving their application information.
On Jan. 24, 2023, Stanford was notified that a folder containing the 2022-23 application files for admission to Stanford’s Department of Economics’ PhD program was available through the department’s website as a result of a misconfiguration of the folder’s settings. Once this was reported, access to the folder was immediately restricted, and an investigation by the University’s Information Security Office and Privacy Office was launched.
The investigation revealed that the unrestricted access to the applications began on Dec. 5, 2022, and that there were two downloads of the application materials before the folder was restricted.
“We deeply regret this incident in one of our departments and any impact it may have on those who are affected by it,” said Debra Satz, dean of the School of Humanities and Sciences.
The incident does not involve programs at Stanford other than the PhD program in Economics. It also does not involve undergraduate applications to the university.
“We have worked diligently to investigate this matter, determine how it occurred and the extent of its impact, and prepare notifications to those affected,” said Amy Steagall, chief information security officer for the university. “We also have been working with other departments in the university to confirm the security of similar information. Providing for the security and integrity of our information systems is a priority, and we work continually to safeguard the information entrusted to us.”
No financial data or Stanford evaluative comments were exposed. The information involved in the incident includes applications and accompanying materials.
The university has informed all affected individuals. The university is offering affected individuals dark web monitoring and other services.
For those seeking additional information, a set of frequently asked questions has been posted at https://humsci.stanford.edu/data-security-faqs-021723.