Sports

Star Wide Receiver Cooper Barkate, 7 Other Harvard Football Players Enter Transfer Portal

News

Cambridge City Council Takes First Step Toward Eliminating Broker Fees

News

Beth Israel Medical Center Residents and Physicians File for Unionization

News

As Students Denied Refunds, Blame Game Begins Over Harvard-Yale Pregame Debacle

News

Man Arrested for Secret Sexual Surveillance at Harvard’s Hemenway Gym

Roberts Winters at Cambridge City Council Candidate Forum

News

Cambridge Residents Slam Reappointment of Inflammatory Blogger to City Committee

News

Social Science Dean Lawrence Bobo To Take Unexpected Leave in Spring Semester

HBS Rejects 119 For 'Snooping'

By Daniel J. T. Schuker, Crimson Staff Writer June 9, 2005

Six of the nation’s top business schools, including Harvard Business School (HBS), faced a nearly unprecedented ethical dilemma this past spring when dozens of prospective students, tipped off by an online hacker, tried to gain unauthorized access to a website detailing their admissions status.

Less than a week after the breaches became public, HBS decided it would categorically reject all 119 applicants who had attempted to check their admissions status.

Carnegie Mellon’s Tepper School of Business, Duke’s Fuqua School of Business, and MIT’s Sloan School of Management followed HBS’s lead and rejected the applicants who had heeded the hacker’s instructions, while Dartmouth’s Tuck School of Business and Stanford’s Graduate School of Business (GSB) announced that they would individually examine the applications of each of the accused students.

GETTING A SNEAK PEEK

Early on March 2, an anonymous hacker posted step-by-step instructions on Business Week Online’s technology forum explaining how HBS applicants could attempt to peek at their admissions status a month early by logging in to their application and changing the URL.

“I know everyone is getting more and more anxious to check [the] status of their apps to HBS,” the hacker wrote. “So I looked around on their site and found a way.”

The hacker, who said he was rejected from HBS, posted the instructions at 12:15 a.m. under the name “brookbond,” identifying himself as a male who specializes in information technology and software security.

HBS, along with the five other affected schools, required students to submit their applications and recommendations electronically through an online admissions program called ApplyYourself.

Some students were able to see preliminary decisions, but most found only blank files. Across all six schools, 211 applicants accessed or tried to access the site detailing their admissions status.

Later that morning, Len Metheny, chief executive officer of ApplyYourself, notified the six schools of the breaches. Metheny said that his company had made the necessary changes to prevent further access to the sites by 9:45 a.m.

Business Week also deleted the hacker’s post and all other related directions, according to Kimberly Quinn, the magazine’s director of communications.

Quinn added that Business Week did not know the identity of “brookbond.”

Stephen R. Nelson, executive director of HBS’s Master of Business Administration program, said that the letters posted online were “just internal administrative devices” and not necessarily final decisions.

The Crimson, which published an article on March 3 detailing the initial chain of events, was the first newspaper to run the story.

REJECTION AND REACTION