- Indiana University revealed Tuesday evening that a data breach may have compromised personal information belonging to 146,000 students and recent graduates.
- The breach affects those who attended seven of the school's campuses between 2011 and 2014, and the data accessed includes social security numbers and addresses.
- Webcrawlers, automated data-mining applications used to improve Web searches, are behind the breach, as opposed to an individual accessing specific data.
While this incident isn't believed to be the work of an ill-intentioned individual, the circumstances surrounding it are still somewhat shocking. According to a statement by the university, the data was stored in an insecure location for almost an entire year before anyone finally noticed anything last week. While the data is now on a secure server and a hotline and website have been set up to help those affected, it stands to reason that the university should conduct a thorough review of its data security policies and procedures.
This data breach should also serve as an example to any institutions dragging their feet on stepping up security, as well.