A programming error resulted in the exposure of 3,000 Columbia University employees' names, addresses, Social Security numbers and bank account numbers.
According to DataBreaches.net, Columbia officials explained in an April 21 letter that in January 2010, a programmer accidentally saved an internal file on a public server, which Google then indexed nearly two years later on March 10, 2012. The university was informed of the breach on April 16 and "took immediate steps to secure the file and remove it from Google's index."
The file did not contain the names of the current and former employees' banks or their routing numbers. Columbia's public affairs office did not immediately return a call for comment.
In a notice on its website, Columbia said nobody accessed the publicly viewable file between January 2010 and March 10, 2012. The university said the breach "appears to have been an isolated, unintentional incident." The school is offering affected individuals a free two-year subscription to a credit-monitoring service.
In other discouraging data breach news, about 3,700 Minnesotans are now vulnerable to fraud after an employee of an automobile repossession company illegally accessed a car dealership database storing the names, addresses and birth dates of car owners, as well as their vehicle descriptions and vehicle identification numbers, the Star Tribune reported.
The state said it does not appear that the motor vehicle records information was used criminally, but the agency is recommending that those affected monitor their credit reports for any instances of fraud.