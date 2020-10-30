I want to give you a little more information on the GTCC cyberattack that might have exposed the personal information of more than 40,000 students.
I published a story Tuesday that was complete as I could make it by deadline but that still had some holes in it. I sent several questions to the community college Tuesday after I saw the online report from DataBreaches.net that said the cyberattack that hit GTCC last month turned out to be pretty extensive.
I didn't get a response until Thursday afternoon, and several of the answers were (and I'm quoting) "due to an ongoing investigation, the college is unable to provide details at this time." GTCC declined to say how many people were affected by the data breach, how the hackers got access to the college's computer systems or what sort of information got out. It also declined to address the report from www.databreaches.net that I cited in my story.
GTCC did say that some former students and employees (in addition to current folks) were affected. The college also said that neither it nor the state of North Carolina paid a ransom to the hackers. Lastly, the college said it taken several undisclosed steps to improve data security. One of the big steps, as outlined in an email to students below, seems to be moving some computer systems based at the college to an off-site cloud with presumably better security.
Just so we're all on the same page, I'll share a pair of official GTCC communications — the initial statement the college sent me when I asked for information about the incident, and a message the college sent to students about the cyberattack.
Here's the statement I got from GTCC on Tuesday:
"Guilford Technical Community College has notified faculty, staff, and students of a recent ransomware cyberattack. This communication was in response to an unauthorized access to the college’s network, which was discovered on Sept. 13, 2020.
Upon discovery of the event, the College immediately launched an investigation, with the assistance of leading cybersecurity experts, the Federal Bureau of Investigation, and other state agencies to determine what happened and to remediate impacted systems.
Additionally, out of an abundance of caution, the college is proactively taking the necessary steps to assist those individuals who have been potentially impacted by the attack. The college’s faculty, staff, and students will be offered credit monitoring and identity restoration services for a period of one year.
Due to the ongoing nature of this investigation, the college is unable to provide further details at this time.”
And here's the email that GTCC President Anthony Clarke sent to students Tuesday:
Hello everyone,
As you may be aware, GTCC was the victim of a recent cyberattack. As the situation has evolved, I wanted to let you know that the College will be communicating to all students regarding free credit monitoring and identity restoration services. Because cybersecurity is a top priority for our institution, we are taking this step as a precaution, in order to provide you with support in monitoring your personal information.
At this point, the investigation into a criminal ransomware attack is almost complete. This was a malicious attack on our institution. Although we had security measures in place, the perpetrators were able to overcome them.
As I have stated before, we have moved our enterprise system, Ellucian Colleague, to a more secure location in the cloud. We are also moving other college software applications to the cloud as we complete the restoration of our network. Moving to a cloud environment has enabled us to maintain a more secure environment for our computer systems and information. Other changes to our policies, procedures, and protocols will be forthcoming as we work to make our IT environment as secure as possible.
We appreciate all of the hard work from our IT staff and all of our faculty and staff in getting us this far as we continue to work through the effects of this incident. We appreciate our students' continued patience and support as we continue to restore our systems and capabilities.
Thanks again to all of you for your support and patience.
Before you think that GTCC is the rare victim of a ransomware attack, it's not. Since it published its report Monday on the GTCC attack, DataBreaches.net has chronicled several more cyberattacks. This week's victims include a California company whose software lets you edit and sign PDF files, an Australian media monitoring company, a Michigan furniture maker, a New York hospital system, a health network in New England and the Wisconsin Republican Party, which apparently had $2.3 million stolen from one of its accounts.
The website also reported that another N.C. community college, Piedmont Community College in Roxboro, got hit with a ransomware attack back in August.
