Yale University Sued Over 2008 Data Breach

Yale University Sued Over 2008 Data Breach

In a letter to those affected by the 2008 data breach, Yale said the breach was discovered on June 16, 2018, during a security review of its servers. After the university discovered the breach, it notified those affected and offered credit monitoring services and identity theft prevention tips.

Two lawsuits have been filed in federal court against Yale University. Both lawsuits are claiming damages from a 2008 data breach at Yale, which was discovered earlier this year.

Between April 2008 and January 2009, intruders gained access to a Yale database and gathered names, Social Security numbers, dates of birth, email addresses, and in some cases, physical addresses.

In a letter to those affected by the data breach, Yale said the breach was discovered on June 16, 2018, during a security review of its servers. After the university discovered the breach, it notified those affected and offered credit monitoring services and identity theft prevention tips.

A class-action lawsuit filed this week on behalf of Andrew Mason of Virginia claims that Yale was negligent in its handling of student data and that the university was reckless and acted with “willful misconduct” as it “turned a blind eye to” possibilities of a prior data breach. It also claims that the university used unfair trade practices.

A federal lawsuit on behalf of Julie Mason of New York was filed in August. The lawsuit also claims negligence, willful misconduct, recklessness and unfair trade practices. In addition, it claims that Yale had still not notified everyone who was affected as of Aug. 1, six weeks after discovering the data breach.

The breach affected an estimated 119,000 Yale alumni, faculty and staff, according to the lawsuits. One of the lawsuits claims that the breach affected a far broader group of people than initially identified by Yale, and that Yale did not make people aware that this type of their personal data had been stored.

In its letter to those affected, Yale said that the university had deleted personal information from the affected database in 2011 as part of a data protection program, but had not detected the data breach at that time.

“Yale takes seriously the protection of personal information, and we continue to improve our electronic security and eliminate the unnecessary storage of such information,” the university’s statement to those affected read. “We very much regret this incident and the inconvenience to you.”

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • Just as Expected

    GSX produced a wonderful tradeshow earlier this week. Monday was surprisingly strong in the morning, and the afternoon wasn’t bad at all. That’s Monday’s results and asking attendees to travel on Sunday. Just a quick hint, no one wants to give up their weekend to travel and set up an exhibit booth. I’m just saying. Read Now

    • Industry Events
    • GSX
  • NOLA: The Crescent City

    Twenty years later we finds ourselves in New Orleans. Twenty years ago the aftermath of Hurricane Katrina forced exhibitors and attendees to look elsewhere for tradeshow floor space. Read Now

    • Industry Events
    • GSX
  • Nothing Artificial About this Intelligence

    I have been looking forward to this year’s GSX show in New Orleans, the Cresent City, or if you prefer The Big Easy. It seems like quite a while since we’ve been here. Twenty years ago, ASIS, as it was known then was literally washed out of the city by someone known as Katrina. It is a good thing to come back to NOLA. Read Now

  • From Monitors to Mission Control

    Security Operations Centers (SOC) were once defined by rows of static monitors, each displaying a single feed with operators quietly watching for issues. That model has become obsolete. Incidents evolve too quickly, data comes from multiple locations, and decisions must be made in seconds—not minutes. Read Now

  • New Gas Monkey Garage Venue Uses AI-Enhanced Video Technology

    Gas Monkey Garage, the automotive custom shop and entertainment brand founded by Richard Rawlings of Fast N’ Loud TV fame, has opened a vibrant new restaurant and bar in South Dakota, equipped with advanced, AI-enhanced video tech from IDIS Americas. Read Now

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.