I mentioned yesterday that sometimes people and software screw up in ways that cause problems. Today I saw an article demonstrating just how bad these issues can be. Florida State University Housing Department sent detailed and confidential violation reports to tens of thousands of students.
On Monday, March 14 at around 2 p.m., FSU first became aware that a glitch in the University Housing software caused the system to email approximately 13,195 current and former FSU students detailed incident reports of any and all code of conduct complaints associated with them, the FSView has learned. FSU News
In some cases, reports were of minor issues like halogen lights or open flames. But in other cases the violations were much more serious. These include reports of drug offenses, harassment and assault. Emails were only sent to the students associated with the report, but there is the possibility that some anonymous reporters were revealed by this glitch. Given some of the reports were more than 10 years old, it’s also possible these emails went to non-involved recipients.
As an email professional this type of glitch is horrifying. I can’t fathom what the glitch was. Whether it involved a human making a mistake or was triggered by the software, this is horrible design. No email containing sensitive and personal information should ever be sent unintentionally.
FSU reports they’ve stopped using the software. I hope they’ve unplugged it from any network completely. A little bit of poking at Google doesn’t tell me who the vendor is, although one of the major campus conduct software vendors (Maxient) has a note on their Facebook page that they are not the software used by FSU.
Like I said yesterday, stuff breaks online. The problem is some of these failures can cause problems and injury to real people. What happens online isn’t that separate from what happens offline these days. Our security needs to be better.