Georgia Tech security breach exposed up to 1.3 million individuals

Pierluigi Paganini April 03, 2019

The Georgia Institute of Technology (Georgia Tech) announced to have suffered a security breach, “an unknown outside entity” had access to data of up to 1.3 million people.

The Georgia Institute of Technology (Georgia Tech) suffered a security breach, on Tuesday it revealed that “an unknown outside entity” had gained unauthorized access to a database that stored the details of 1.3 million individuals.

Exposed data includes names, addresses, social security numbers, dates of birth, and internal identification numbers of up to 1.3 million students and student applicants, current and former faculty, and other staff information.

This security breach could be one of the biggest data breaches suffered by a US university.

The university quickly launched a forensic investigation to determine the extent of the breach.

“Georgia Tech discovered that unauthorized access to a web application has exposed personal information for up to 1.3 million individuals, including current and former faculty, students, staff, and student applicants. The Institute’s cybersecurity team is working to determine the extent of the access and to identify the affected individuals.” reads the statement published by Georgia Tech.

“The information illegally accessed by an unknown outside entity was located on a central database. Georgia Tech’s cybersecurity team is conducting a thorough forensic investigation to determine precisely what information was extracted from the system, which may include names, addresses, social security numbers, and birth dates.”

On March 21, the internal staff discovered the intrusion after noticing a significant degradation of the performance.

The internal staff discovered that the intruders had gained access as early as December 14, 2018, by exploiting a vulnerability in a web application. The flaw was quickly patched by the IT staff at the university.

The U.S. Department of Education and University System of Georgia (USG) have been notified, Georgia Tech has started notifying potentially impacted individuals.

The university announced that it is reviewing its security practices and protocols and will make every effort to ensure that this does not happen again.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Georgia Tech, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment