Google change exposed Yale social security numbers to would-be hackers

AP
(CBS) - When Google began indexing file transfer protocol (FTP) servers in September of 2010, the search engine giant didn't realize that move could expose the social security numbers of 43,000 Yale students.

That's exactly what happened. On June 30, university officials discovered the hole in their network security and disclosed findings on August 12.

The data in question belonged to university employees in 1999 and was stored on an FTP server. Yale's IT department was not aware that Google made the change, so no action was taken to ramp up security.

Elinor Mills at CNET points out, "The file and its directory had innocent sounding names, and someone encountering the file via Google would not be able to figure out what was in it without first opening it up, according to [Information Technology services director for Yale Len] Peters."

According to Peters, "Google representatives would not reveal whether anyone had accessed the data from its search engine.

Yale offered free credit monitoring to all of the victims of the potential security breach.

Comments

Watch CBSN Live

Watch CBS News anytime, anywhere with the new 24/7 digital news network. Stream CBSN live or on demand for FREE on your TV, computer, tablet, or smartphone.

Watch Now

New Android App

For your Android phone and tablet, download the FREE redesigned app, featuring CBSN, live 24/7 news.

Download
The all new
CBS News App for Android® for iPad® for iPhone®
Fully redesigned. Featuring CBSN, 24/7 live news. Get the App