By: Linda Perkins
On April 2, 2019, The Georgia Institute of Technology (Georgia Tech) announced that it had sustained a data breach when one of its central databases was accessed by an unknown outsider through a web application, thereby exposing the personal information of up to 1.3 million current and former faculty members, students, staff and student applicants. Local news organizations report that information security officials at the university are continuing to investigate the incident to determine the extent to which its systems were compromised and to identify those individuals whose information was compromised.
Georgia Tech first discovered the data breach in late March, and the U.S. Department of Education was notified of the security incident. Personal information potentially compromised by the data breach may include names, addresses, social security numbers and dates of birth. Last year, personal information for nearly 8,000 students in the school’s College of Computing was mistakenly emailed to other Georgia Tech students by the university. At that time, student identification numbers, telephone numbers, dates of birth, addresses, grade-point averages and nations of origin for students born outside the U.S. were impacted.
March 2019 has seen several data security incidents involving higher education institutions. Student and parent communities learned that admissions databases at three different U.S. colleges were hacked into after several applicants to Grinnell, Hamilton and Oberlin colleges received strange emails offering to sell them their college application files for one Bitcoin, valued at around $3,900. Law enforcement authorities were informed of the data breaches, and students were assured that admissions data systems at the colleges were secure despite the hacking and unauthorized access to some student files.