Yale hacked via Google backdoor

Yale hacked via Google backdoor

Tens of thousands of Yale University students, faculty, staff and alumni were informed by the institution this week that their names and Social Security numbers had been available online through a cleverly designed Google search for 10 months.

Using a technique called GoogleDorking, users can search for potentially valuable information that has been unknowingly left online and subsequently indexed by Google using specially crafted search strings. Data security issues in many types of network hardware and other items sometimes leave these back doors open by default.

According to the Yale Daily News, the information was openly stored on a file transfer protocol server as of September 2010, when Google updated its search engine to include such devices in search results. Other search engines, including Yahoo, do not index FTP servers, the publication noted.

Those affected by the breach have been offered two years of identity theft insurance and free credit monitoring, the Daily News added.

In addition to taking steps to ensure that their personal information is safe, it's likely a good idea for those that receive a notification of this type of breach to change all of their online account passwords in order to defend against potential unwanted access.