Yale Data Breach Exposes 43k Social Security Numbers

In what is being seen as a shocking breach of data, names and Social Security Numbers of 43,000 people associated with the Yale University were exposed on Google for over a period of 10 months.

According to Yale Daily News, the university officials said that there was no evidence that the information was exploited but they had still set up a response centre to answer questions.

The data belonged to students, faculty, staff and alumni who were affiliated with the University in 1999.

The Information Technology Services Director Len Peters said that the file containing the names and SSNs was stored in a FTP server which was used for open source work. The file did not contain other sensitive data like addresses, birth dates or financial information.

The file was publicly available on the web after Google started indexing FTP servers on its search engine. The university officials discovered the breach on June 30.

“We immediately blocked that server from the Internet, removed the file and did a complete scan of the server to make sure there were no additional at-risk files,” Peters said.

“It was pretty well-hidden, with a very inconspicuous file name,” he added, explaining that no one would have been able to know what was in the file unless they opened it.