Data of 2,000 Johns Hopkins graduate students accessed on internet

Share this article:

More than 2,000 former graduate students of Johns Hopkins University are being notified that their personal information – including Social Security numbers – was stored on a server that was accessible via the internet, and was accessed a few dozen times.

How many victims? 2,166. 

What type of personal information? Names and Social Security numbers were among the information.

What happened? The personal information was stored on a server that was accessible via the internet, and the data was accessed a few dozen times.

What was the response? Upon discovery, the files were taken down and the university carried out a security audit. All university employees are receiving training to ensure a similar incident does not occur. All impacted individuals are being notified and offered a free year of credit monitoring and identity theft protection services.

Details: The university learned of the incident on March 19. The personal data belongs to graduate students who attended the Homewood campus between 2007 and 2009. The data may have been indexed by search engines or web crawlers.

Quote: “Somebody had stashed them on a machine, not realizing that when they did that, the files would be accessible on the Internet,” Dennis O'Shea, a university spokesman, said.

Source: baltimoresun.com, “Former Hopkins grad students' personal data exposed online,” April 26, 2014.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

Sourcebooks payment card breach impacts more than 5,000 customers

More than 5,000 customers had personal information stolen, but roughly 9,000 notification letters were sent out as a precautionary measure.

Cyberswim notifies customers that payment card data may be at risk

Malicious software installed on Sept. 24 may have compromised personal information for visitors that made purchases between May 12 and Aug. 28.

Marquette University notifies graduate applicants of possible breach

Settings for an internal file server were inadvertently modified, making graduate school applications accessible to anyone with Marquette University login credentials.