Georgia Tech has verified that its students and staff have been involved in a data breach that was confirmed in late March. With an enrollment of around 30,000 students and a staff of nearly 8,000, for over a million users to be infected means the breach would have had to have accessed years’ worth of data. The breach is believed to have come from unauthorized access to a database that is ran through a web application which stores student and staff information. Personal information such as names, addresses, Social Security numbers, and date of birth may have been obtained. Cause for concern from the school came when developers discovered a “significant performance impact,” involving the app. Shortly after it was noticed, a patch was enabled which halted the issue. Investigations are currently underway, and developers are continuously observing the app’s function for more vulnerabilities. Georgia Tech says they will reach out to those involved in regard to a credit monitoring service but have not confirmed if it will be available for free.
Analyst Notes
The major credit bureaus should be contacted by users to ensure that they are aware of possible identity theft, to which they will place a fraud alert on their file. Users should also ask for a copy of their credit report from the bureaus so they can see if there is something unusual on their credit. Banks and credit card companies should be contacted as well and they will typically put a hold on users accounts to avoid further damages.
