Improperly configured platforms resulted in the exposure of sensitive student and employee information at Stanford University's Graduate School of Business.
Improperly configured platforms resulted in the exposure of sensitive student and employee information at Stanford University's Graduate School of Business.

Following a pair of data breaches that exposed highly sensitive student and employee information, the chief digital officer at Stanford University's Graduate School of Business has reportedly stepped down.

The San Francisco Chronicle reported on Friday that CDO Ranga Jayaraman, who was also an associate dean at the school, told colleagues in an email on Saturday that he was departing.

“I take full responsibility for the failure to recognize the scope and nature of the... data exposure and report it in a timely manner to the Dean and the University Information Security and Privacy Office,” Jayaraman wrote, according to the Chronicle. “I would like to express my most sincere apologies... to anyone whose personal information might potentially have been compromised.”

The breaches were the result of a misconfigured school server that allowed public access to the personal information of nearly 10,000 non-teaching staff members, and misconfigured file-sharing platform that contained confidential financial aid information for MBA students, reports of sexual violence, and student disciplinary records.

Stanford disclosed the breaches on Dec. 1, 2017, although the school says that the GSB IT team first learned of the server breach in February. Attempts to protect the information at that time were inadequate and proper officials were not notified, Stanford claims. The breach that affected the file-sharing platform was discovered by a student in November.