GREENSBORO, N.C. — New information is giving insight into the magnitude of a data breach that occurred at Guilford Technical Community College last month.
Various personal information ranging from Social Security numbers, names, email, and home addresses, as well as dates of birth belonging to current or former staff and students, are now in the hands of hackers.
The data breach happened late on Sunday, Sept. 13 but GTCC discovered it the next day. The discovery led to the shutdown of on-campus classes for several days.
According to independent privacy and data protection watchdog Databreaches.net;
"The threat actors dumped thousands of files containing student and employee information. In just one file alone, DataBreaches.net found more than 43,000 students' names, date of birth, Social Security number, postal address, phone number, and GTCC email addresses."
The college said in a statement Wednesday that it's investigating the cyberattack "to determine what happened and to remediate impacted systems." State agencies, cybersecurity experts, and the Federal Bureau of Investigation have provided assistance.
The college also said it has contacted students, faculty, and staff members who were potentially affected and would offer credit monitoring and identity restoration services for a year.
"They were telling us to change our passwords and stuff after the fact. I've been here for a little while so there's a very good chance that I am part of that breach. So, the school needs to take steps in preventing this from happening again," student Eddie Byrd said.
"Knowing this, I would like to know if my information has been breached as soon as possible. Whoever has been affected and their personal information has been received, I feel bad, that's unfair and that's definitely not OK," another student Garrett Nuckolls said.
IT experts said cyberattacks on academic institutions are now commonplace. They said access to money is the primary driver for such attacks and urge people to act quickly to protect their financial information.
"Having some fraud protection, identity theft protection, some monitoring is absolutely crucial. So, when those details are attempted to be used the triggers will alert and people will be notified," Bryce Porter, a cybersecurity expert said.
Both the college and the FBI declined to comment further "due to the ongoing nature of this investigation."
