ATLANTA — Georgia Tech is taking steps to help people whose personal information may have been compromised during a data breach.
Channel 2's Aaron Diamant has been following this story since it broke in April, when the college said someone gained unauthorized access to a web application, affecting nearly 1.3 million people, including "some current and former faculty, students, staff and student applicants."
Georgia Tech will be sending out letters offering credit monitoring and identify theft protection.
The breach was a SQL server intrusion that allowed the hacker to send queries through the server to the internal database that housed all the personal information. It went on from December to March.
One of the area's best-known consumer advisers, Clark Howard, told Diamant the options the school is offering those impacted by the cyberattack could give them a false sense of security.
“This whole thing about credit monitoring is ... it’s just the corporate playbook 101,” Howard said. “It’s a waste of people’s time. It’s a waste of Georgia Tech’s money. Credit monitoring does nothing to protect you after one of these data breaches.”
- Mile-wide asteroid with its own moon to pass Earth on Saturday
- Child rescued from car parked at Walmart on hottest day of year (Video)
- Massive American flag at RV dealership leads to fines, legal action
Clark urges all consumers to freeze their credit instead.
“We’re taking things very seriously in trying to help them feel better about, OK, we’re going to try to help you protect your data. We’re going to help you protect your credit,” said Georgia Tech spokesman Lance Wallace. “We’ve upgraded our security measures, and this is the kind of thing that we should be able to prevent going forward given what we know.”
But Howard has a warning.
“Any organization is subject to hacking, and it doesn’t matter how many precautions you put in place, if hackers are determined to hit your database or find a backdoor vulnerability into it, they’re coming in,” Howard said.
The FBI is still working to identify the hacker in the case.
Here is the letter released to the public:
To the campus community:
This is an update to members of the Georgia Tech community regarding the security incident experienced by Georgia Tech, about which you have received previous communications. Georgia Tech is notifying 1.265 million people and offering credit monitoring and identity theft protection services to individuals whose Social Security number was involved in the incident. This message explains the incident, measures we have taken to address the security issues, and some steps that individuals can take in response. Given our commitment to transparency and communications with our employees, we want to make sure you have the facts.
In late March 2019, Georgia Tech identified signs that an unauthorized person had found a way to send queries through a Georgia Tech web server to an internal database. Georgia Tech immediately implemented its incident response protocol, took steps to secure the web server, and began an investigation to determine what records in the database were accessed. The U.S. Department of Education was notified, and Georgia Tech set up a dedicated website on April 2, 2019, to share its preliminary findings.
Leading forensic firms were engaged to assist in the investigation and help determine the specific information that was accessed. The investigation determined that access to the database may have occurred between December 14, 2018, and March 22, 2019. The information contained in the database that may have been accessed includes name, date of birth, Social Security number, and Institute ID number. Our investigation has concluded, and we are in the process of providing written notice to certain members of our community.
What are we doing to address this?
Georgia Tech is notifying 1.265 million people and offering credit monitoring and identity theft protection services to individuals whose Social Security number was involved in the incident. To help prevent a similar incident from occurring in the future, we are taking steps to enhance existing security measures.
What should I do if I receive questions?
In the event you receive questions about the incident, please direct individuals to the call center we set up at 855-543-5399, Monday through Friday, 8 a.m. to 8 p.m., Eastern Time. And, in the event you are contacted by a member of the media, please state that any media requests should be directed to Institute Communications, and then immediately notify Institute Communications about the media inquiry.
Thank you for your continued dedication.
Cox Media Group