Colleges and universities face major security flaws with Blackboard Learn, potentially leaving systems vulnerable to students who want to change their grades, or others seeking private information, SC Magazine reported. According to the magazine, which is based in Australia, university officials there had to threaten to issue a security alert to get Blackboard to do so.
Matthew Maurer, a spokesman for Blackboard, told Inside Higher Ed via e-mail that the article was correct that there was a security flaw, and that this problem was not unique to Australian universities. But he said that the article (which has been circulating among some American IT officials) had an "exaggerated fashion" in describing the problem. "There's not a single reported case of exposure, just the theoretical," he said. Maurer said that many of the issues were very quickly fixed, and that the company is now providing information to colleges and universities so they can see that there are not serious problems remaining.
He acknowledged that the magazine article played a role in the timing of an alert that went out last week to colleges that use Blackboard Learn. But he said that the company didn't notify everyone immediately only because the normal practice is that "we would never do so until the investigation is complete lest we spread bad information." He added: "We've had a lot of client questions in the last few days as you can imagine, but once they get their hands on the facts most have acknowledged that these are not huge issues."