In June 2018, Yale University announced that it underwent a data breach back in 2008 and 2009. This breach exposed the personal information of faculty, staff, and alumni, including their names, social security numbers, physical addresses, and birthdays.
Some time between April 2008 and January 2009, hackers were able to access a database stored on the university's server. While the school deleted personal information from that database in 2011 in an effort to protect personal information, the IT team did not realize that a breach had occurred years earlier. Yale's IT team discovered the breach in 2018 while testing the university's servers for vulnerabilities.
The school is offering free identity monitoring services to those affected by this data breach. Its IT team is also making a constant effort to ensure the security of personal data, including ceasing the use of SSNs as identifiers and running periodic vulnerability tests on Yale servers.
This breach wasn't the last the university would face. Just two years later, in 2011, the personally identifiable information of 43,000 staff, faculty, students, and alumni was exposed online when a File Transfer Protocol (FTP) server containing that data became searchable via Google.
ManageEngine's comprehensive log management and auditing tool EventLog Analyzer helps you:
Start your free trial of EventLog Analyzer today.
Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.
You will receive weekly cybersecurity news soon!
© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.