Two MBA applicants to Carnegie Mellon University couldn't wait to see if they made the cut, so they used what a hacker said was a means to access unannounced admission decisions at several top business schools.

The only problem was that Carnegie Mellon hadn't yet made those decisions, so the computer screen the applicants hoped would give them their answer was blank. Even worse for them, the system was equipped to electronically capture "footprints" of trespassers.

Officials with Carnegie Mellon's Tepper School of Business said yesterday that they will bar those students once they are certain who they are.

"Our dean has made it pretty clear that if any of our applicants tried to hack into the system, we would not admit them," said Mike Laffin, a Tepper spokesman. "The school thinks it's a pretty serious indiscretion."

In all, 150 breaches were reported involving business school applicants to Harvard, Stanford and Duke universities, as well as the Massachusetts Institute of Technology, Dartmouth College and Carnegie Mellon. An official involved in the investigation of those breaches said yesterday that most of those schools also had yet to post their final admission decisions.

The intruders exploited a security vulnerability at Fairfax,Va.-based ApplyYourself Inc., a service that hosts and manages admission systems for those schools and some 300 campuses, said Len Metheny, the company's CEO and president. He said the vulnerability allowing the breaches was fixed Wednesday morning, soon after it was discovered.

But for about nine hours that day, it enabled applicants to tap into a Web page that displays their own admission status. "The students did not have access to anyone else's information," Metheny said.

He insisted the system, used by campuses for seven years, is secure.

"We have processed literally millions of applications, and this is the first incident of its kind," he said.

The problem began at 12:15 a.m. Wednesday, when a hacker posted instructions on a chat room section of BusinessWeek's Web site that pertains to MBAs, Metheny said. His company was alerted to the posting at 7:30 a.m. and by 9:50 a.m. it had stopped the intrusions.

The largest number of them -- 119 -- occurred at Harvard Business School, which, like Carnegie Mellon, had not yet posted its final decisions. Some applicants there saw preliminary data about themselves, but many others saw blank screens, said school spokesman Jim Aisner.

At Carnegie Mellon, the Tepper School is to announce its latest admission decisions on March 14. It received 1,194 applications for 151 full-time slots, Laffin said.

Metheny said he believes the intruders violated federal law covering computer abuse and fraud but added that his company will consult with its client schools before deciding whether to pursue prosecution. He said that to get to the admission data, the intruders had to follow an elaborate series of steps, adding: "You couldn't accidentally happen upon this page."