Georgia Tech has verified that its students and staff have been involved in a data breach that was confirmed in late March. With an enrollment of around 30,000 students and a staff of nearly 8,000, for over a million users to be infected means the breach would have had to have accessed years’ worth of data. The breach is believed to have come from unauthorized access to a database that is ran through a web application which stores student and staff information. Personal information such as names, addresses, Social Security numbers, and date of birth may have been obtained. Cause for concern from the school came when developers discovered a “significant performance impact,” involving the app. Shortly after it was noticed, a patch was enabled which halted the issue. Investigations are currently underway, and developers are continuously observing the app’s function for more vulnerabilities. Georgia Tech says they will reach out to those involved in regard to a credit monitoring service but have not confirmed if it will be available for free.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased