Browse archive

Latest news

Is it time to professionalize information security?

Microsoft decrypts Skype comms to detect malicious links

A spotlight on grid insecurity

Experts highlight top data breach vulnerabilities

Review: Logging and Log Management

Commission wants to minimize U.S. IP theft economic impact

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

Guantanamo cuts off Wi-Fi access due to OpGTMO

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Hacking charge stations for electric cars

Columbia University notifies employees of breach

Posted on 30 April 2012.

Personal and financial information of 3,000 current and former employees of Columbia University and 500 other individuals have been available online from January 2010 to March 10, 2012, according to a breach notification sent out by the education institution last week.

The file containing names, addresses, Social Security numbers and bank account numbers (but not the names of the banks or the routing numbers) of the affected individuals ended up online after a programmer saved it by mistake on a public server, and Google expectedly indexed it.

Still, it took over to years to discover them mistake - presumably, after one of the affected individuals was shocked to discover the information when doing some online reputation checking? - and the file was finally pulled and deleted from Google's Index.

Even though access logs for the file say that it was not accessed by anyone while it was online, the university - likely schooled by four similar incidents that happened to it in the last seven years - has promptly notified the victims about the matter, apologized, and offered a free two-year subscription to a credit monitoring system to each of them.