Akane Otani reports:
The personal information of up to 2,000 people was exposed to the public for five days on a computer in Cornell’s athletics department, a University administrator confirmed Thursday.
Donald Sevey, director of information systems, said that the University discovered that a file server containing “confidential data” about thousands of people was accessible by the public for a period of time. He said that he does not know if anyone maliciously used the data while it was exposed.
“We don’t know if the data was breached. We just know that there was an incident where a file server was opened to the public, and when … we actually looked at it and saw what kind of data was on the server, we found that there was confidential data,” Sevey said.
Sevey could not say who, if anyone, had been affected by the incident, but said that the University examined the data and notified all individuals whose information had been exposed.
“I don’t know the status of the records. I just know that we went through and identified people by name and social security number and notified [them],” he said. “We don’t know if there were students, staff.”
Read more on the Cornell Daily Sun.