
Hackers Use Google to Uncover Social Security Numbers of 43,000 Yale Students

Personal info of 43,000 Yale students, staff and alumni was hacked using Google. Names and Social Security numbers were uncovered on an unprotected File Transfer Protocol (FTP) server.

USA Today reported that the hackers used a new-ish Google FTP search function to locate this unsecured server:

“With the addition of indexing data that is accessible via FTP, hackers can now identify wide-open FTP sites that may contain sensitive data or can be used to leapfrog to other machines on the company’s internal network,” said Tom Rabaut, an analyst at RedSeal [a security firm]. “Also, Google offers the ability to restrict searches to a single domain which will make it easier for hackers to limit their data mining to only target companies.”

The Yale Alumni Magazine blog said that Social Security numbers were inadvertently made accessible to Google for 10 months.

The new function that is making hacking via Google searches possible, which according to USA Today was created in September 2010, is the Google Hacking Database (GHDB). GHDB’s website says it reveals “Google dorks,” those “inept or foolish people as revealed by Google.”

Whatever you call these fools, you’ve found the center of the Google Hacking Universe! Stop by our forums to see where the magic happens!

The Who Are We section of the GHDB website describes the hacking organization further, revealing that the database may have initially been created to do good:

We employ volunteer hackers (no questions asked) and engage their skills in short “microprojects” designed to help charities that can not afford traditional technical resources. Our industry experts vet all the work to guarantee a high-quality product, and volunteers are rewarded with glowing references from our industry-recognized subject matter experts. With each project, our volunteers move one step closer to that dream job, and a charity is brought one step closer to its technical goals. We’ve designed and built web sites, set up blogs, programmed custom web applications, conducted code reviews, performed security assessments and more, all through our volunteer’s efforts. In addition, thanks to one donor, we provide hosting, bandwidth and support for the final product free of charge.

GHDB provides these hackers with the tools they need to find “Google dorks,” which include vulnerable servers, sites containing usernames, passwords and more — all through Google.

Comments (33)

  • Protoham
    Posted on August 26, 2011 at 1:06am

    What part of “Not to be used for identification” do these people not understand.

  • Eblaze44
    Posted on August 25, 2011 at 7:34pm

    Well, well. Let’s see if they can really meet a challenge – hack into Obama’s school records and let’s see his grades and who paid for his college.

  • AR15Rick
    Posted on August 25, 2011 at 6:56pm

    I don’t use Facebook or Twitter and I never will. They will sell you out in a heartbeat. And Facebook just loves Obama.

  • santramir
    Posted on August 25, 2011 at 5:16pm

    cheap distractions no more !!. STOP the FED !!. get your dollar power back !!.

  • v12tommy
    Posted on August 25, 2011 at 5:05pm

    This isn’t Google’s fault, this is Yale’s fault for placing the info on unsecured servers.

    • jb.kibs
      Posted on August 25, 2011 at 9:17pm

      Yeah, it is Yale’s fault for being newbies.

  • CulperGang
    Posted on August 25, 2011 at 4:44pm

    Bureaucrats of corporations don’t respect individual privacy. We are all just a number with our personal business at key stroke. Hakcers of the world unite and get into their businesses and lay them bare ass naked. They can hide behind gated communities and eight feet walls………..but not key strokes………..do to the bastads what they do to other peeps…..of the world. Rocking in da ahking world. At the end of the day it is the khack that can bring the rotten elite globalist to their knees……….by creating mass confusion and laying them bare. enslaving them in their own rotten bubble. One key stroke and soros is dirt poor. wooo Hoooo
    Rock on hakceries.

  • Smug
    Posted on August 25, 2011 at 1:24pm

    I find this story interesting just because of the hacking aspect. I had an e mail address that was set up several months ago, and had never been used except to set it up. Had all but forgotten about it until I went there recently, and found there were numerous unsolicited e mails on that site. I did a little research and found that your e mail address can be hacked into and or cloned and people can send e mails from your address all over the world. At any rate my IT guy (husband) is working to fix the problem. I suppose technology can be both a blessing and a curse ……………MSSMUG

    • Jim in Houston
      Posted on August 25, 2011 at 2:19pm

      Signed up for a gmail account when they first came out only to find it over run with spam and unsolicited trash – a couple of hundred a week or more. Tried to cancel, but they insisted on a forwarding email address. Since I am a little brighter than the dimmest bulb in the chandelier, I chose not to do so. I now use it as a throw away when I need to give an email address for something, but don’t want to let them have my real one. It is good for posting on sites such as this, but nothing else.

    • Balrog28
      Posted on August 25, 2011 at 2:41pm

      @ JimInHouston
      Why don’t you just use joe.blow@fakeco.com like I always do?

  • spadikam12
    Posted on August 25, 2011 at 1:23pm

    There is a world outside USA without laws and regulations. Not only people but also countries encourage hacking USA computers.
    IT is the cause of recession 2008 , China itself hacking more than hundreds of billions dollar worth of information every year. Sue China for 2 Trillion Dollars.

  • h3llyahimerican
    Posted on August 25, 2011 at 12:35pm

    You can google anything these days it seems.

  • captainbars
    Posted on August 25, 2011 at 11:55am

    Social Security (now there’s an oxymoron!) warns us to guard the number and card and not give it out, but everywhere you turn, some business is asking for it, a requirement they claim. If you refuse, the door is closed. In AR in the 90’s people were allowed to use their social as DL#, to make it “easy” for us they said. If we’re not supposed to give it out then why is it a requirement for the phone, gas, electric, loan, etc companies to own it? Read the small print and you find they give or sell your info to others. Who needs hackers? We give out tons of info all the time without realizing it; social networks, friends, strangers. We’re screwing ourselves over and then we have to pay for stuff like Lifelock to protect what we’re throwing out there. With Google Chrome muscling in on the other browsers, it wouldn’t surprise me if the competition did this to make them look bad. The more sophisticated the technology, the more sophisticated the problems. Stop texting, blogging, every little thought that pops into your head. Like my officer daddy used to say; “Don’t tell them any more than they need to know.”

  • South Philly Boy
    Posted on August 25, 2011 at 10:55am

    Google is getting to be a PAIN. Now on some websites if you use the back arrow at the top left of the page or the mouse back button you see “googleads.g.doubleclick.net” at least once and have to click once or twice to get back to the previous page. I hope The Blaze doesn’t do that.

    • Psychosis
      Posted on August 25, 2011 at 12:43pm

      ya um dude you have adware or a virus

      clean your machine

  • Attention2Detail
    Posted on August 25, 2011 at 9:50am

    Maybe Yale needs to raise tuition so they can afford to hire an IT staff.

  • bisbad1955
    Posted on August 25, 2011 at 9:14am

    I wish the hackers would use their talents to find out what President Obozo’s real SS # is.

  • gcc
    Posted on August 25, 2011 at 9:10am

    I wonder if they got members from the skull and bones society there.

  • gcc
    Posted on August 25, 2011 at 9:09am

    I wonder if skull and bones society members are on the list. That could be interesting for someone.

  • mikeg72
    Posted on August 25, 2011 at 9:07am

    What is the punishment for these crimes? Maybe a long stretch in a Federal Prison would make it not worth their while. These crimes are happening because it’s easy and the risk is low. Change one or both factors and the problem won’t go away but it will deter most. Also, much of this comes from countries outside the US. Somehow, we need to find a way to get cooperation from these countries. Maybe limit our foreign aid? Or cut them off altogether. Oh, that’s right, we can’t do that or we won’t have any friends..

  • windycitywoman
    Posted on August 25, 2011 at 8:57am

    Hello Beck friends! I have started a prayer group for Glenn and his endeavors on educating our youth and his mission on Israel. This group also posts news articles and videos on topics Glenn has covered on his show. Many others and I are members of GBTV and will be discussing his show daily and posting what he shares on the Internet. This is a great way to stay in the loop if you do not have GBTV! We also do wonderful fast and prayers on Wednesdays for our country. If you are a “like minded” Christian, Conservative Glenn Beck fan please join us (300 of us and growing rapidly and without the TROLLS)! Find me on Facebook under Sharon Grek Papucci and send me a friend request! “Men may spurn our appeals, reject our message, oppose our arguments, despise our persons, but they are helpless against our prayers.” -Sidlow Baxter

  • katenga
    Posted on August 25, 2011 at 8:33am

    If you google or use any kind of search engine to ask, ‘How can I hack a system?’ you will find information on that question. If you ask ‘how can I rob a bank,’ or ‘how to be a communist’ similarly, you will get access on that answer. I would hardly put the majority of the responsibility on a search engine that caused this. Your local library has books that can answer these dangerous questions – it’s not the fault of google. Mostly the blame falls on the irresponsible system managers of Yale for failing to secure this kind of information and the GHDB group which is not sponsored by google.

    • loriann12
      Posted on August 25, 2011 at 9:03am

      They employ hackers, no questions asked, for charities that afford such things? Is this so charities who can’t afford to buy emails can spam everyone? That explains my sudden explosion of clothing donation calls and emails. I think every charity in the world has asked me for donations.

  • Charles
    Posted on August 25, 2011 at 8:14am

    Good. Use their SS#’s to get those Yale ‘students’ signed up for their red diaper doper baby cards and ACLU memberships right away! Lol

    • 13th Imam
      Posted on August 25, 2011 at 9:41am

      I volunteer at a Reading clinic right across from the Yale PD. Most of these Yale students are googlley(eyed), pun intended, pinheads, that have led sheltered lives of comfort. The MMGW issue is one of their favs, but they shrug off any notion of legitimate proof. We tutor kids in reading (over 200/yr), because the New Haven Teachers Union members are pathetic (for the most part) slackers.

  • alina.bolero
    Posted on August 25, 2011 at 8:12am

    Calling this “hacking” would be like saying Jimi Hendrix made great music by tripping over a guitar somebody left in the street! These guys do seem to be rather “white hat” in nature. Neither Google, nor this group, should be held liable for the fact that some moron FTPed a sensitive file onto a server with anonymous public access! In the days of Internet etiquette, we would politely inform the sys-admin of the error of their ways. Only after they cop major attitude with the messenger of their misconfigured server would we go public with what arrogant fools they are.

    Arrogant fools at Yale? I can’t imagine it! Heh!

  • OLDBIKEFIXER
    Posted on August 25, 2011 at 7:55am

    Just more proof that Google is pure evil. I’ve used Google’s search engine a few times in the past, but there are other, better search engines out there that are not financed by the Obama regime. And – if you have a “Gmail” address, every email you’ve ever sent or received is accessible to anyone, and has most likely been monitored by the government.

    On the “bright side”, the hackers discussed in this story were hacking Yale people, who are just about all Communist lefties, so I’m sure that if anything bad happens to them (identity theft, IRS audits, etc.), they’ll be helped out by their “big government” buddies.

    • kdzndogdad
      Posted on August 25, 2011 at 8:46am

      Unfortunately I used gmail for 3 years before I switched. I’ve been deleting my old gmail but I assume that there is a database somewhere and they will NEVER go away.
      And to think that we used to laugh at the movies several years ago about the Government collecting data on its citizens; “Enemy of the State” with Will Smith pops into mind. That movie now seems prophetic.

  • qpwillie
    Posted on August 25, 2011 at 7:52am

    I didn’t know Google had an FTP search feature. Most people who have personal sites don’t do much to make their FTP accounts safer. Actually, I don’t know much they could do. Why in the world would Google do that?

  • kickagrandma
    Posted on August 25, 2011 at 7:44am

    Wish they’d hack obammy’s blackburried and let the world in on his secrets like $$$$$ paid by controllers, controllers, etc., etc.

    Now that would be NEWS we all could use.

  • GETLIFE
    Posted on August 25, 2011 at 7:26am

    Looks like a “google dork” can be anyone who is not a total computer geek. I have been Google-free for about a year now. Quitting was actually much easier than I expected. But don’t wait, before it’s too late–if you are a user, get help now.

