Georgia Tech Breach Strikes Possible 1.3 Million

broken padlock

Georgia Tech recently went public about a data breach — the second in less than a year — that could have exposed the personal information of up to 1.3 million people. The cause: a custom web application with a form that was vulnerable to SQL injection.

In mid-2018, Tech suffered data exposure when the university mistakenly sent personal details of almost 8,000 College of Computing students to fellow students as part of an invitation to a conference. The list was accidently attached to the e-mail.

The institution uncovered the latest unauthorized access on March 21, when developers for the school "noticed a significant performance impact" in one of its web applications (which has since been patched). From there, cyber criminals were able to gain access to a "central database."

The security team was able to trace the first of a series of unauthorized breaches to Dec. 14, 2018. By April 2, the institution had begun notifying those affected, including current and former faculty, students, staff and student applicants. The information available on the database included names, addresses, internal ID numbers, dates of birth and social security numbers. It didn't include financial information, health records, grades or research data.

Georgia Tech is working with forensic and data analysis firms, as well as its own police force and the FBI.

"We continue to investigate the extent of the data exposure and will share more information as it becomes available," the institute stated on its website. "We apologize for the potential impact on the individuals affected and our larger community. We are reviewing our security practices and protocols and will make every effort to ensure that this does not happen again."

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  •  floating digital interface with glowing icons, surrounded by faint geometric shapes

    Digital Education Council Defines 5 Dimensions of AI Literacy

    A recent report from the Digital Education Council, a global community devoted to "revolutionizing the world of education and work through technology and collaboration," provides an AI literacy framework to help higher education institutions equip their constituents with foundational AI competencies.

  • From Fire TV to Signage Stick: University of Utah's Digital Signage Evolution

    Jake Sorensen, who oversees sponsorship and advertising and Student Media in Auxiliary Business Development at the University of Utah, has navigated the digital signage landscape for nearly 15 years. He was managing hundreds of devices on campus that were incompatible with digital signage requirements and needed a solution that was reliable and lowered labor costs. The Amazon Signage Stick, specifically engineered for digital signage applications, gave him the stability and design functionality the University of Utah needed, along with the assurance of long-term support.

  • lock with a glowing keyhole integrated with a transparent, layered server stack against a dark background with a subtle grid pattern

    Cohesity Integration Adds Protection for Red Hat OpenShift Virtualization Workloads

    AI-powered data security company Cohesity has expanded its collaboration with Red Hat to enhance data protection and cyber resilience for Red Hat OpenShift Virtualization workloads.

  • computer screen displaying a landline phone being unplugged from a single cord, with a modern office desk, keyboard, and subtle lighting in the background

    Microsoft to Discontinue Skype Services

    Microsoft has announced that it is shutting down service for its Skype telecommunications and video calling services on May 5, 2025.