Serviceteam IT Security News

A US university renowned for its computer science programs has revealed that over one million current and former students and staff have had sensitive data accessed by an unauthorized third party.

Georgia Tech issued a brief note on Tuesday claiming that “unauthorized access to a web application” had allowed the individual to potentially steal data on 1.3m faculty, students, staff and student applications.

“The information illegally accessed by an unknown outside entity was located on a central database,” it added. “Georgia Tech’s cybersecurity team is conducting a thorough forensic investigation to determine precisely what information was extracted from the system, which may include names, addresses, social security numbers, and birth dates.”

The web app vulnerability in question has now been addressed after the university’s IT team discovered the incident at the end of last month, although it’s unclear how long the third party had access to the sensitive staff and student data.

The relevant educational authorities have been notified and more information is expected soon.

“We continue to investigate the extent of the data exposure and will share more information as it becomes available,” said Georgia Tech.

“We apologize for the potential impact on the individuals affected and our larger community. We are reviewing our security practices and protocols and will make every effort to ensure that this does not happen again.”

The incident could mean Georgia Tech is in breach of FERPA, the US privacy law covering student records, according to Mike Mason, general manager of cloud security at FairWarning.

“Learning institutions are incredibly rich in sensitive data for hackers,” he added. “This breach underscores the importance of monitoring cloud applications, and visibility at the application layer into who is uploading and downloading documents and other sensitive business information.”

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!