Personal Information of up to 90,000 Compromised at Stony Brook

May 19, 2007

By George Agathos

The personal information of 90,000 people in a Stony Brook University database was accidentally posted to Google left there until it was discovered almost two weeks later.

According to a website set up by the university, Social Security numbers and university ID numbers of faculty, staff, students, alumni, and other members of the community were visible on Google after they were posted to a Health Sciences Library web server on April 11.

The letter indicated the files were not easily accessible through Google and that the "information could only be retrieved through the use of multiple criteria." It said the New York State Cyber Security Office contacted Google to have the information removed after it was discovered on April 24.

The notifications and web announcement came with instructions on how to protect from identity theft. The university has also set up a hot line for questions about the leak.

main page ATTRITION feedback