ATLANTA — Georgia Tech says more than a million people's personal information may have been exposed after someone gained "unauthorized access" to a web application. Investigators are working to learn who's behind the massive breach.
Officials said the breach impacts 1.3 million people, including "some current and former faculty, students, staff and student applicants." They do not know what information was taken from the system, but it may include names, addresses, Social Security numbers and birth dates.
It’s a massive number considering the school’s current enrollment is just under 27,000 students plus faculty.
Georgia Tech said its database was accessed by an "unknown outside entity" in late March, and said it "immediately corrected the impacted application."
Georgia Tech’s cybersecurity team is conducting a thorough forensic investigation.
Channel 2's Aaron Diamant was at Georgia Tech Tuesday afternoon as word spread on campus about the breach.
“I’m just trying not be too worried about it right now. I have a lot of stuff going on, finals approaching and such," freshman Eva Hutton told Diamant.
Versprite cybersecurity consultant Tony Ucedavelez broke down why Georgia Tech makes an attractive target, saying the personal data an elite school like Tech keeps is particularly valuable -- well beyond just fodder for identity theft.
“Their relationships with different technology companies worldwide, as well as with the federal government makes them much more unique," Ucedavelez said. “It’s really about getting as much data as possible in being able for the bad guys to do their own data analytics to see where they want to focus in on targeted attacks.”
Officials said the U.S. Department of Education and University System of Georgia have been notified, and, "Those whose data was exposed will be contacted as soon as possible regarding available credit monitoring services."
Students said they received an email from the Georgia Tech's vice president of information technology explaining the breach.