Google change exposed Yale social security numbers to would-be hackers


(CBS) - When Google began indexing file transfer protocol (FTP) servers in September of 2010, the search engine giant didn't realize that move could expose the social security numbers of 43,000 Yale students.

That's exactly what happened. On June 30, university officials discovered the hole in their network security and disclosed findings on August 12.

The data in question belonged to university employees in 1999 and was stored on an FTP server. Yale's IT department was not aware that Google made the change, so no action was taken to ramp up security.

Elinor Mills at CNET points out, "The file and its directory had innocent sounding names, and someone encountering the file via Google would not be able to figure out what was in it without first opening it up, according to [Information Technology services director for Yale Len] Peters."

According to Peters, "Google representatives would not reveal whether anyone had accessed the data from its search engine.

Yale offered free credit monitoring to all of the victims of the potential security breach.