Harvard Business School has denied admittance to 119 applicants who hacked into the computer system to find out whether they had been admitted or not. Greg at Begging to Differ is concerned that the evidence implicating the hackers might be inconclusive, and he wonders why the server was so insecure. Along the same lines, it would be interesting to know whether each of the applicants hacked in separately, or whether one person was responsible and then told others about the exploit.
Regardless, I'm not entirely convinced that breaking into Harvard's server was unethical in the first place. Nobody was harmed here, and the data must have been pretty easily accessible if 119 people really found it. What about the ethics of storing personal information about students on an insecure server?