BLOOMINGTON, Ind. -- The personal data of 146,000 students and recent graduates of Indiana University, including their social security numbers and addresses, may have been exposed during a data breach, the university said in a statement.
Among those affected are people who attended the university from 2011 to 2014 at seven of its campuses, it said late on Tuesday.
“The information was not downloaded by an unauthorized individual looking for specific sensitive data, but rather was accessed by three automated computer data-mining applications, called webcrawlers, used to improve Web search capabilities,” it said.
The university found last week that the data had been stored in an insecure location for the past 11 months. It then locked down the site and moved the data to a secure server the following day, it said.
The university notified the state's attorney general about the breach. It also set up an information hotline and a website to assist those concerned their data may have been exposed.
Guidelines: Please keep your comments smart and civil. Don't attack other readers personally, and keep your language decent. Comments that violate these standards, or our privacy statement or visitor's agreement, are subject to being removed and commenters are subject to being banned. To post comments, you must be a registered user on toledoblade.com. To find out more, please visit the FAQ.