Another week, another data breach at a major university. This week it's Yale, which announced Friday (Aug. 19) that the names and Social Security numbers of 43,000 people affiliated with the university had been publicly viewable on Google for the past 10 months.
The breach occurred in September 2010, when Google's modified its search engine to make it capable of finding and indexing file transfer protocol (FTP) servers, the Yale Daily News reported. As a result, the data on the 43,000 people — all of whom were affiliated with the school in 1999 — became, essentially, public property for the next 10 months.
The exposed FTP server did not contain addresses, birth dates or any financial information, Yale's information technology services director Len Peters told the Yale Daily News. Peters added that there is no indication anyone has been exploited because of the breach.
Yale discovered its misstep on June 30 and promptly blocked the FTP server from the Internet and deleted all the server's data, Computerworld reported. The university is offering all of the potentially compromised victims identity theft insurance and free credit report monitoring services for two years.
Yale's incident occurred the same week hackers accessed a Purdue University server containing the Social Security numbers of more than 7,000 former students. Just days before that, the University of Wisconsin-Milwaukee discovered malware on a server holding the records of 75,000 past and present students.
If you're worried your data may have been exposed, make sure you monitor your credit card activity and contact your bank if you notice any suspicious financial activity on your accounts.