While preparing to teach Stanford Law’s first Coursera class, the instructor stumbled across a potential breach that could have knocked Apple’s issues with a hack of iCloud security and compromising photos of entertainers out of the headlines. Jonathan Mayer, a computer scientist and lawyer, while setting up his massive open online course, was able to gain access to nine million Coursera names and email addresses.
In a blog post, Mayer wrote that:
- Any teacher can dump the entire user database, including over nine million names and email addresses.
- Once logged into your Coursera account, any website that you visit can list your course enrollments.
- Coursera’s privacy-protecting user IDs don’t protect much.
Mayer alerted Coursera, which addressed the issues immediately and sent an apology to its users. Once the patches were completed, Mayer found plenty of improvements, but problems still exist.