Yale University becomes a victim of data breach incident?
For more than ten years, the secret about data breach has been concealed until recently. Yale University admitted that a hacker breached one of the Ivy League school’s records. It contains the data of faculty, staff members, and alumni.
The breach materialized from April 2008 to January 2009. It seems that university officials were just able to discover the matter last June 16 following the Information Technology staffers inspection of servers for susceptibilities. That is how and when the interference was identified. Yale University officials defended that since the intervention occurred more than a decade, they have limited information regarding its manifestation.
The information that has been implicated involves names, date of births, Social Security numbers several Yale University and other email addresses. Fortunately, no financial information has been gained entry to.
Yale University noted that from July 26 to 27, the institution sent notification letters to the affected people as many as the staffers could find and set up a response station. It will help the data breach victims that are still not located. Also, the university has coordinated for affected individuals to get identity overseeing services.
Synopsis Technology Director Mark Zurich said, “Back in 2008-2009 very few companies were aware of such a cyber threat, nor were they taking the necessary precautions. I am not surprised that more companies and educational institutions have not come forward to divulge breaches that happened in the distant past. Perhaps they do not feel obligated to do so after a certain point. That being said, Yale is doing the right thing by making this breach public. This may, and should, wake up more educational institutions to the danger.”
A data breach cannot be discovered as soon as possible just like what happened with the Yale University. A stolen data is copied and most often than leaves no immediate impact to the victims. Victims of a data breach usually are not aware that their data has already been jeopardized.
It would be best to use a different password to sensitive sites and provide less information as much as possible when transacting business. Yale University did not store unnecessary information and should follow it as an example.
Yale University does not make use of Social Security numbers anymore as identifiers. New measures were introduced years ago that include implementation of servers vulnerability tests and the control of the sharing of confidential information in the systems.
Recently, the Information Commissioner’s Office (ICO) fined the University of Greenwich a total cost of £120,000. It has failed to protect the personal data of 20,000 individuals including alumni, staff, and students. The agency pointed out that the educational institution was not able to safeguard data on explanatory incidences, information about learning troubles, and staff illness databases.