Yale notifies 43,000 that their Social Security Numbers were exposed (updated)

A Yale Alumnus posted the following:

If you get an “oops” letter from Yale about your Social Security number having been compromised, you are not alone. University spokesman Tom Conroy provides the following statement:

Yale University is notifying 43,000 individuals that a 1999 computer file containing their names and Social Security numbers was inadvertently made accessible to Google Internet searches for 10 months. The persons affected are faculty, staff, students and about 1,200 alumni affiliated with Yale in 1999.

The file did not contain addresses or dates of birth or any financial or other confidential information, and there is no indication that the information has been misused. Yale has secured the file, and Google has confirmed that its search engine no longer stores any information from the file.

Yale has established a Response Center for affected individuals and is offering free credit monitoring, identity theft insurance, and other assistance to all of the affected persons. A data security firm will monitor credit files at all three major United States credit bureaus for 24 months and alert individuals if a new United States credit account is opened using their Social Security number.

The University takes seriously the obligation to protect personal data that is entrusted to it, and regrets the error that made the computer file accessible


Apparently the 1999 file was moved to the server in question in 2005. According to Yale’s notification to the New Hampshire Attorney General’s Office, the file was not indexable by Google until September 2010, when Google changed its search engine. From September 2010- July 1, 2011, the file was indexed. On June 30, one of the people named in the file happened across it while googling his own name and notified the university.

About the author: Dissent

Comments are closed.