Skip to Content
MIT Technology Review
  • Featured
  • Topics
  • Newsletters
  • Events
  • Podcasts
    • Sign in
    Uncategorized

    From Stephen to Zithromax

    A fascinating story in The Harvard Crimson details a rather shocking security lapse in which “the confidential drug purchase histories of many Harvard students and employees have been available for months to any internet user, as have the e-mail addresses…
    January 22, 2005

    A fascinating story in The Harvard Crimson details a rather shocking security lapse in which “the confidential drug purchase histories of many Harvard students and employees have been available for months to any internet user, as have the e-mail addresses of high-profile undergraduates whose contact information the University legally must conceal,” according to the magazine.

    The problem seems to be that two Harvard websites designed for student use did not properly authenticate the students who were supposed to be using them.

    One website, now disabled, is the iCommons Poll Tool. According to the Crimson, that website “required nothing more than a free, anonymous Hotmail account and five minutes to look up the eight-digit ID of any student, faculty or staff member.” With that number, anybody could then go to the website operated by Harvard’s insurer’s website, PharmaCare, type in the Harvard University ID and the student’s date of birth (obtainable from the student directory and from “sites such as anybirthday.com,” and get the full history of all drugs that the student had ordered

    There is a related issue involving the listing of student directory information if when students request that this information not be made available, a violation of another federal law.

    Hats off to the Crimson! They also broke a story similar to this roughly 10 years ago, when it was revealed that Usenet browsing history was being left on public-access terminals.

    Keep Reading

    Most Popular

    AGI is just chatter for now concept
    AGI is just chatter for now concept

    The hype around DeepMind’s new AI model misses what’s actually cool about it

    Some worry that the chatter about these tools is doing the whole field a disservice.

    solar panels concept
    solar panels concept

    These materials were meant to revolutionize the solar industry. Why hasn’t it happened?

    Perovskites are promising, but real-world conditions have held them back.

    Workers disinfect the street outside Shijiazhuang Railway Station
    Workers disinfect the street outside Shijiazhuang Railway Station

    Why China is still obsessed with disinfecting everything

    Most public health bodies dealing with covid have long since moved on from the idea of surface transmission. China’s didn’t—and that helps it control the narrative about the disease’s origins and danger.

    Europe's AI Act concept
    Europe's AI Act concept

    A quick guide to the most important AI law you’ve never heard of

    The European Union is planning new legislation aimed at curbing the worst harms associated with artificial intelligence.

    Stay connected

    Illustration by Rose WongIllustration by Rose Wong

    Get the latest updates from
    MIT Technology Review

    Discover special offers, top stories, upcoming events, and more.

    Thank you for submitting your email!

    Explore more newsletters

    It looks like something went wrong.

    We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.