Georgia Tech Breach Strikes Possible 1.3 Million

broken padlock

Georgia Tech recently went public about a data breach — the second in less than a year — that could have exposed the personal information of up to 1.3 million people. The cause: a custom web application with a form that was vulnerable to SQL injection.

In mid-2018, Tech suffered data exposure when the university mistakenly sent personal details of almost 8,000 College of Computing students to fellow students as part of an invitation to a conference. The list was accidently attached to the e-mail.

The institution uncovered the latest unauthorized access on March 21, when developers for the school "noticed a significant performance impact" in one of its web applications (which has since been patched). From there, cyber criminals were able to gain access to a "central database."

The security team was able to trace the first of a series of unauthorized breaches to Dec. 14, 2018. By April 2, the institution had begun notifying those affected, including current and former faculty, students, staff and student applicants. The information available on the database included names, addresses, internal ID numbers, dates of birth and social security numbers. It didn't include financial information, health records, grades or research data.

Georgia Tech is working with forensic and data analysis firms, as well as its own police force and the FBI.

"We continue to investigate the extent of the data exposure and will share more information as it becomes available," the institute stated on its website. "We apologize for the potential impact on the individuals affected and our larger community. We are reviewing our security practices and protocols and will make every effort to ensure that this does not happen again."

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • The AI Show

    Register for Free to Attend the World's Greatest Show for All Things AI in EDU

    The AI Show @ ASU+GSV, held April 5–7, 2025, at the San Diego Convention Center, is a free event designed to help educators, students, and parents navigate AI's role in education. Featuring hands-on workshops, AI-powered networking, live demos from 125+ EdTech exhibitors, and keynote speakers like Colin Kaepernick and Stevie Van Zandt, the event offers practical insights into AI-driven teaching, learning, and career opportunities. Attendees will gain actionable strategies to integrate AI into classrooms while exploring innovations that promote equity, accessibility, and student success.

  • cloud, database stack, computer screen, binary code, and flowcharts interconnected by lines and arrows

    Salesforce to Acquire Data Management Firm Informatica

    Salesforce has announced plans to acquire data management company Informatica for $8 billion. The deal is aimed at strengthening Salesforce's AI foundation and expanding its enterprise data capabilities.

  • stylized AI code and a neural network symbol, paired with glitching code and a red warning triangle

    New Anthropic AI Models Demonstrate Coding Prowess, Behavior Risks

    Anthropic has released Claude Opus 4 and Claude Sonnet 4, its most advanced artificial intelligence models to date, boasting a significant leap in autonomous coding capabilities while simultaneously revealing troubling tendencies toward self-preservation that include attempted blackmail.

  • NVIDIA DGX line

    NVIDIA Intros Personal AI Supercomputers

    NVIDIA has introduced a new lineup of AI-powered computing solutions designed to accelerate enterprise workloads.