Reporting Data Exposure to University

I recently enrolled at a large Canadian university. When logging into a library computer for the first time, I found that there was one network-attached drive connected. This drive contains hundreds of gigabytes of seemingly random files dating back over a decade. I went through some of the files and while most are junk, there are some very sensitive documents such as old databases for all sensitive patient comments from campus health center sessions, employee documents, financial documents, doctor's patient notes, and other legal documents, some even containing SIN numbers. It seems this drive would be accessible by all users, and is automatically mounted when you log in (Under My Computer on Windows, and in the file explorer sidebar). The files date back many decades so I would assume it's always been here, or perhaps recently accidentally made accessible. I fear potential retaliation from the university as they would be able to see that I've opened many of the files.

Touch here for the full post on Network Security Noblemen tumblr

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s