The permissions for some folders in the Seattle University's Microsoft Exchange folder system were set incorrectly, that allowed anyone with a university email address to gain access to the files in those folders.
The personal information for 628 current and former students was stored in those folders.
Students were offered free credit monitoring services.
TPRM report: https://scoringcyber.rankiteo.com/company/seattle-university
"id": "sea17522123",
"linkid": "seattle-university",
"type": "Data Leak",
"date": "04/2014",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': '628 current and former students',
'industry': 'Education',
'location': 'Seattle, WA',
'name': 'Seattle University',
'type': 'Educational Institution'}],
'attack_vector': 'Incorrect Permissions',
'data_breach': {'number_of_records_exposed': '628',
'type_of_data_compromised': 'Personal Information'},
'description': "The permissions for some folders in the Seattle University's "
'Microsoft Exchange folder system were set incorrectly, '
'allowing anyone with a university email address to gain '
'access to the files in those folders. The personal '
'information for 628 current and former students was stored in '
'those folders. Students were offered free credit monitoring '
'services.',
'impact': {'data_compromised': 'Personal Information',
'systems_affected': 'Microsoft Exchange Folder System'},
'post_incident_analysis': {'root_causes': 'Incorrect Permissions'},
'response': {'communication_strategy': 'Offered free credit monitoring '
'services to affected students'},
'title': 'Seattle University Data Exposure Incident',
'type': 'Data Exposure',
'vulnerability_exploited': 'Permission Misconfiguration'}