Case Western Files Accessable Online Contain Sensitive Information
Quick Facts
- Date: 10/5/2007
- Institution: Case Western Reserve University
- Type of Incident: Unauthorized Disclosure
- Number Affected: 452
- Source: ESI
- Abstract Source: SSNBreach.org
Abstract
Aaron Titus and the gang over at SSNBreach.org have issued another press release about more university student information showing up on search engines. This time eight (8) files from Case Western Reserve University's online file management system were indexed and cached by Yahoo!. These files contained a wealth of information on 452 individuals associated with the university. Some of the files contained information from a medical study and included patients medical information including history, current medications and current problems. Of these patients, the files indicated that 56% of the patients had either failed to fill out or denied consent to shard medical data under HIPAA. Other files contained job candidate test files and interview questionnaire responses. The university was made aware of this problem in September and quickly moved to pull down the offending files.
