Startup vulnerability leaves Queer Chart student data exposed
Paxton Scott reports:
A security flaw allowed users of Queer Chart, a startup founded by Stanford students to link members of the campus queer community, to access all users’ names, profile pictures, email addresses, dates of birth, pronouns, schools and anonymous IDs, its founders have acknowledged. An anonymous ID is meant to allow a user to post on Queer Chart under an alias.
The product launched in early October and was taken offline last week, with a notice posted on its site stating, “Queer Chart is offline a little for some maintenance! Expect an email soon when we are back :).”
Read more on The Stanford Daily.