Browse archive

Latest news

Microsoft to pay up to 150k for vulnerabilities

(IN)SECURE Magazine issue 38 released

Collected data helped foil 50 terrorist plots, says NSA chief

65+ websites compromised to deliver malvertising

Customized spam uses cell phone users’ data against them

Facebook once again accessible via Tor

Oracle releases critical security updates for Java

Employees biggest IT threat to businesses

Google asks secret court permission to publish FISA numbers

Failed backups endanger revenue and productivity

How to detect hidden administrator apps on Android

CyanogenMod founder aims to thwart data-grabbing apps

Hacking charge stations for electric cars

Columbia University notifies employees of breach

Posted on 30 April 2012.

Personal and financial information of 3,000 current and former employees of Columbia University and 500 other individuals have been available online from January 2010 to March 10, 2012, according to a breach notification sent out by the education institution last week.

The file containing names, addresses, Social Security numbers and bank account numbers (but not the names of the banks or the routing numbers) of the affected individuals ended up online after a programmer saved it by mistake on a public server, and Google expectedly indexed it.

Still, it took over to years to discover them mistake - presumably, after one of the affected individuals was shocked to discover the information when doing some online reputation checking? - and the file was finally pulled and deleted from Google's Index.

Even though access logs for the file say that it was not accessed by anyone while it was online, the university - likely schooled by four similar incidents that happened to it in the last seven years - has promptly notified the victims about the matter, apologized, and offered a free two-year subscription to a credit monitoring system to each of them.