Ca: Personal information in 100,000 IT requests compromised in Simon Fraser University database misconfiguration
Corneilia Naylor reports that Simon Fraser University has self-disclosed that they left a lot of personal information on an unsecured database. Good for them for discovering it and disclosing it, although of course we wish it had never happened or had been discovered sooner.
On Jan. 27, 2016, SFU IT services inadvertently copied incidents, inquiries and requests it had received between 2013 and 2016 onto a server with an unprotected database during a transition to a new system, communications director Kurt Heinrich told the NOW.
The exposed database was discovered on May 16 and taken offline on May 17.
It contained 20,294 email addresses, personal contact information and other personal information about students, staff and faculty, depending on the nature of the IT incident, inquiry or request they sent.
While the information was exposed for nearly four months, however, Heinrich said the university has seen no evidence it was accessed by an outside party.
Read more on Burnaby Now.