Glitch serves as a reminder of cyber vulnerability

There’s no perfect way to protect our personal data, but when we willfully confide it with an institution there’s an expectation of high-level cybersecurity.

Last week, Indiana University officials said that a tool on the university’s website may have inadvertently granted unauthorized users access to the grades and other academic records of any student who took at least one course at any IU campus during the past five years, including IUPUC. Across the state, Indiana University has two core campuses and seven regional campuses.

The tool, intended to allow students to view their own grade history, calculated their grade-point averages and allowed authorized university staff to view grades and calculate GPAs. It was removed from the university’s website on Tuesday after being alerted of a "misconfiguration."

Among the information that potentially could have been accessed included class names, the semesters the classes were taken, grades for those classes and the students’ overall GPA, university spokesman Chuck Carney said.

“Nobody in the general public without an IU login could access that (tool),” Carney said.

Officials at IU said that they are working to identify all potentially impacted individuals, but there hasn’t been an update since Feb. 7.

While the information won’t likely be used for nefarious reasons, it’s worrisome that explicit personal information could be so easily accessed by masses of students.

The public is already being stalked around the clock by the devices used to binge watch our favorite TV shows, connect with friends, track our runs, listen to music, and order our overnight packages.

Facebook data on a single person who uses a computer and social media a moderate amount can exceed 600 megabytes, which is 400,000 Word documents, for example.

There’s no linear method to protect our information in our data-driven world as technology advances with each "Like" of a post, but rarely do we think of organizations like colleges having cybersecurity errors.

May the recent slip-up caught by the university serve as a reminder that much of our private information is intended to be available to a few, but can often be accessed by many.