Dive Brief:
- Indiana University revealed Tuesday evening that a data breach may have compromised personal information belonging to 146,000 students and recent graduates.
- The breach affects those who attended seven of the school's campuses between 2011 and 2014, and the data accessed includes social security numbers and addresses.
- Webcrawlers, automated data-mining applications used to improve Web searches, are behind the breach, as opposed to an individual accessing specific data.
Dive Insight:
While this incident isn't believed to be the work of an ill-intentioned individual, the circumstances surrounding it are still somewhat shocking. According to a statement by the university, the data was stored in an insecure location for almost an entire year before anyone finally noticed anything last week. While the data is now on a secure server and a hotline and website have been set up to help those affected, it stands to reason that the university should conduct a thorough review of its data security policies and procedures.
This data breach should also serve as an example to any institutions dragging their feet on stepping up security, as well.