If you studied or worked at Yale University ten years ago, you've got more than bragging rights. You also have the worry of becoming a victim of identity theft.
According to the Yale Daily News, the university's newspaper, the names and Social Security numbers for about 43,000 students, staff, faculty and alumni were exposed on Google—for about 10 months.
Officials say the data leak, which affected people who were "affiliated with the University in 1999," was inadvertent. A file containing the sensitive information was left on a File Transfer Protocol (FTP) server that normally handles "open source materials," says the Yale newspaper. And Yale officials were unaware that a change by Google in September 2010 allowed that file to be found by the Web's popular search engine.
Yale's Information Technology Services Director, Len Peters, says the file did not contain addresses, birthdates or financial data. And since the June 30, 2011 discovery of the leak, the file has been removed from Yale's FTP server.
Still, neither Peters nor Google would disclose how often the file was searched for or how many times the file might have been downloaded during those intervening 10 months. In a statement released by Yale last week regarding the data leak, all potential victims have been offered identity theft insurance and free credit monitoring services for two years.
If you're a college student or the parent of child attending a university this year, how concerned are you about data security at higher-education institutions? For important tips, check out Consumer Reports Guide to Online Safety.
Yale affiliates' SSNs were searchable on Google [Yale Daily News]
Yale warns 43,000 about 10-month-long data breach [ComputerWorld]