New search engine blamed for breach of privacy at McGill
A new search engine installed on McGill University’s server turned out to be more thorough than intended.
On April 27, cbc.ca reported that, “private academic records of hundreds of students [from 2004] were made accessible on the school’s website.” The glitch was discovered by a student who, when he entered his last name into the search engine, retrieved his brother’s transcripts.
“As soon as we discovered the breach, we immediately addressed it,” deputy provost Morton Mendelson told the CBC.
“We removed the files, corrected the breach and we are moving forward. We’ll take precautions to ensure that analogous problems do not occur again.” Mendelson could not be reached for comment.
George Farah, Queen’s information technology services security manager, told the Journal students shouldn’t worry about a similar mishap happening here.
“We do not have a search engine installed locally on campus,” he said.
“In the future, if IT services considers installing a search engine like at McGill, [we would] install a lot of security checking,” he said.
Although the multiple IT offices across campus don’t currently have a unified security system, Farah said IT Services is working on the integration of security testing to help ensure the protection of confidential information.
—Lisa Jemison
All final editorial decisions are made by the Editor(s) in Chief and/or the Managing Editor. Authors should not be contacted, targeted, or harassed under any circumstances. If you have any grievances with this article, please direct your comments to journal_editors@ams.queensu.ca.