Johns Hopkins University will offer identity theft protection to more than 2,000 former grad students after discovering their private records were accessible to the public.
Officials say the Social Security numbers of 2,100 former grad students at Johns Hopkins' Homewood campus were left on a database that was accessible online. Only students who attended from 2007 to 2009 were affected.
Dennis O'Shea, a university spokesman, told The Baltimore Sun the records were accessed a few dozen times through search engines or web crawlers.
O'Shea said no other records were posted online.
Just over a month ago, the FBI learned that information stolen from the school's Department of Biomedical Engineering web server had been posted on the Internet. According to the school, the department received an extortion message from a member of the hackers’ group called Anonymous.
In that case, much of the stolen information was employee information that was publicly available on the department website.
The University of Maryland, College Park was also the victim of a data breach twice this year.
First, hackers obtained names, Social Security numbers and other private information for 287,580 students, alumni, faculty and staff. Then, a breach resulted in the release of personal data about one senior university official.