Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Update : TargetX vulnerability post

From: Brian Kelly <bkelly () EDUCAUSE EDU>
Date: Fri, 5 Apr 2019 17:59:13 +0000
I wanted to update the community regarding my post yesterday.
The CEO of TargetX reached out to me immediately and provided the information below.
We had a great conversation today and he shares the spirit and intent of our Cybersecurity community and the value of 
information sharing.
"Yesterday a blog post described an incident where an applicant accessed only his own data through a Salesforce default 
page without authorization. Due to permission settings, the applicant was able to demonstrate that he could read and 
edit select data. No other student data was accessed.
When this was first reported in January, TargetX worked closely with our customer to resolve this situation by updating 
permissions settings.  Since then they have updated customers on this issue, and continue to ensure that customers have 
the correct settings in place.
TargetX takes all security issues seriously which is why the TargetX Recruitment platform is Salesforce Security 
Certified. In addition to that, we are continuously evaluating and updating our standards and recommendations."
He added that TargetX customers can contact their Account Manager directly with any additional questions/concerns, 
access more information through TargetX's support community or email info () targetx com<mailto:info () targetx com>

Brian

Brian Kelly
Director, Cybersecurity Program

EDUCAUSE
Uncommon Thinking for the Common Good
Follow HEISC on 
LinkedIn<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7C%7C7197d41189e4414981ae08d69dc9670a%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C636869885680898966&sdata=%2FYvU%2BLTYHbPmcyL1AoksiKTSdMeFQ93qASFmTp8Emmo%3D&reserved=0>
 | Twitter: @HEISCouncil | bkelly () educause edu<mailto:bkelly () educause edu>

direct: 720.406.6757 | mobile 475.449.6440 | educause.edu<http://www.educause.edu/>
1150 18th Street, NW, Suite 900 Washington, DC 20036
Previous By Date Next
Previous By Thread Next

Current thread: