John Newsom
- October 28, 2020
A data breach that disrupted GTCC a
month ago might have affected tens of thousands of the community college's
current and former students.
GTCC was hit with a ransomware
cyberattack in mid-September during which someone got unauthorized access to
the college's computer systems.
The Guilford County community college
said Tuesday in a four-paragraph statement it investigated the cyberattack
"to determine what happened and to remediate impacted systems." The
college said state agencies, cybersecurity experts and the Federal Bureau of
Investigation assisted, but did not provide details about how the hackers
gained access to GTCC's computer systems and what it has done to prevent a
future attack.
GTCC said it has contacted students, faculty and staff members potentially affected by
the data breach and will offer them credit monitoring and identity restoration
services for a year.
The college declined further comment
about the cyberattack "due to the ongoing nature of this
investigation."
A GTCC spokeswoman also declined to
comment on an online report that the data breach might potentially affect more
than 40,000 students.
DataBreaches.net,
a website that covers cyberattacks and other cybersecurity incidents in the
United States and around the world, reported Monday that it was contacted by a former
GTCC student who learned about the breach from a credit-monitoring service. The
website said it later found "more than 43,000 students’ names, date of
birth, Social Security number, postal address, phone number and GTCC email
addresses" in one file posted online.
DataBreaches.net also said it
discovered the student's unencrypted personal information in five different
online files purportedly taken during the cyberattack. The website said it
found employee information as well.
GTCC discovered the data
breach Sept. 13* and took its critical computer systems offline that afternoon.
The college closed all of its campuses the next day and canceled all
face-to-face classes.
The college reopened its
campuses Sept. 15, but some face-to-face classes didn't meet in person until
the following Monday. The cyberattack also affected three computer programs
that students use for class registration, advising and financial aid as well as
several student-serving offices, including financial aid and admissions.
DataBreaches.net reported that GTCC was hit with DoppelPaymer, a malicious program that prohibits computer
users from getting access to their own files unless they pay a ransom. The
website, quoting a college spokeswoman, also reported that GTCC did not pay the
attackers.
Editor's
note: An earlier version of this story gave the incorrect date for when GTCC
initially discovered the data breach. That date was Sept. 13.
Contact John Newsom at (336)
373-7312 and follow @JohnNewsomNR on Twitter.