Georgia Tech suffered Data Breach leaving 1.3 Million Exposed
Georgia Tech confirmed that it has suffered from data breach when web app of a Georgia Institute of Technology exposed information of 1.3 million former and current students, staff members, as well as student applicants.
"A central Georgia Tech database was accessed by an unknown outside entity" revealed by the school in one of their press release. The press release further revealed that cybersecurity team of Georgia Tech is conducting a detailed forensic investigation so as to determine exactly what type of information has been extracted from system, which could include names, birth dates, addresses, and Social Security numbers.
Information security officials of the university are working so as to determine extent of this breach, along with identifying those who might get affected by the breach. The IT team found this web app vulnerability in late Mar. 2019 after noticing a substantial performance impact, and then traced that first unauthorized access to its system was on December 14, 2018. However, still it is unknown for how much time the hacker(s) have access to the Georgia Tech database.
Now, the vulnerability was patched. Also, the school said that "the U.S. Department of Education and University System of Georgia have been notified, and those whose data was exposed will be contacted as soon as possible regarding available credit monitoring services".
During the past few years, Georgia grows into a cybersecurity hub. Gov. of Georgia, Nathan Deal, announced in January 2017 that the state will invest an amount of $60 million for cyber range and training facility called Hull McKnight Georgia Cyber Innovation and Training Center in Augusta University Riverfront Campus of the school, which will combine expertise in the academia, government and private industry to establish the statewide cybersecurity standards.
"How ironic that a university with a high ranking in computer science, which offers courses in cybersecurity, got hacked. This in a state which has had privacy regulations in place - the Georgia Personal Identity Protection Act - since 2007" said Dan Tuchler, the CMO at SecurityFirst. SecurityFirst CMO Tuchler added that this gives a clear example of requirement for encryption of the personal data.
» SPAMfighter News - 22-04-2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!