Yale Exposes 43,000 Social Security Numbers on Googleposted by Christian on August 29th, 2011
Yale just announced that 43,000 Social Security numbers — belonging to current and former students, faculty, staff and alumni – were at some point accessible by anyone doing a simple Google search. This comes as a result of a recent change in Google’s search parameters, their recent indexing of FTP and Yale’s remarkable incompetence.
Reportedly the leak has already been taken care of, with minimal damage, though their IT department does state that they have no way of telling if the information was accessed. But don’t worry, the data was only from 1999. Oh, and they had “very inconspicuous file names.” So don’t worry (I guess).
The information was available as a result of what’s known as Google dorking. Cyber criminals take advantage of Google’s advanced search mechanisms to find data caches that most people wouldn’t even know where available. This is the same technique used if say you wanted to do a search of every public non-guarded webcam currently on the web (something else you can do with Google dorking).
Complicating matters further is the fact that this isn’t the first time that Yale has just randomly lost thousands of SSNs. A similar situation arose back in 2007 as well.