Data of 2,000 Johns Hopkins graduate students accessed on internet

Share this article:

More than 2,000 former graduate students of Johns Hopkins University are being notified that their personal information – including Social Security numbers – was stored on a server that was accessible via the internet, and was accessed a few dozen times.

How many victims? 2,166. 

What type of personal information? Names and Social Security numbers were among the information.

What happened? The personal information was stored on a server that was accessible via the internet, and the data was accessed a few dozen times.

What was the response? Upon discovery, the files were taken down and the university carried out a security audit. All university employees are receiving training to ensure a similar incident does not occur. All impacted individuals are being notified and offered a free year of credit monitoring and identity theft protection services.

Details: The university learned of the incident on March 19. The personal data belongs to graduate students who attended the Homewood campus between 2007 and 2009. The data may have been indexed by search engines or web crawlers.

Quote: “Somebody had stashed them on a machine, not realizing that when they did that, the files would be accessible on the Internet,” Dennis O'Shea, a university spokesman, said.

Source:, “Former Hopkins grad students' personal data exposed online,” April 26, 2014.

Share this article:

Sign up to our newsletters


More in The Data Breach Blog

Seattle University donor checks possibly exposed due to settings error

Seattle University is notifying an undisclosed number of donors that anyone with a Seattle University computer account could have viewed scanned checks.

Laptop stolen from Self Regional Healthcare contained patient data

As least 500 patients of Self Regional Healthcare have been notified that their personal information was on a laptop stolen from a Self Regional facility.

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.