JAMESTOWN — GTCC said Friday that it's still not sure how many former students and employees were affected or how much personal information might have been compromised in a September ransomware attack on the college's computer network.
The community college also said Friday it sent formal notices last week to current and former students and employees who might have been victims of the ransomware attack. GTCC also has set up a hotline for those who didn't get a letter from the college.
In Friday's news release and the Nov. 5 letter sent to potential victims, GTCC gave more details about the cyberattack, which shut down the college for a day in September:
• One or more people had unauthorized access to the college's computer network from Aug. 5 to Sept. 13, when GTCC discovered the intrusion. Some of GTCC's computer systems were encrypted, or locked, by the attackers.
• The college confirmed that the attackers had access to some personal information of an unknown number of current and former students, faculty and staff members. In its Nov. 5 letter, GTCC said the cybercriminals might have seen names, addresses and Social Security numbers. The college also said that attackers might have had access to the banking information of those who gave the college their direct deposit information. A website that tracks data breaches and cyberattacks reported last month that it found online thousands of GTCC files, including one that contained personal information — names, birth dates, GTCC email addresses, Social Security numbers and other data — of more than 43,000 students.
• However, according to the Nov. 5 letter, GTCC said it is "still unable to confirm the extent of personal information accessed by the cybercriminal(s)" and told former students and employees that they should assume that their personal data has been compromised.
• GTCC is now offering two years of free credit monitoring and identity restoration services to current and former faculty, staff and students. The college previously had offered one free year of assistance.
GTCC didn't say how the attackers got into the college's computer network but said previously that it didn't pay a ransom to the cyberattackers. In a ransomware attack, cybercriminals typically demand payment to unlock affected computer systems. The college said it is continuing its investigation with help from state agencies, the FBI and other cybersecurity experts.
The community college said it has already taken several steps to strengthen its data security and promised it will introduce new technological safeguards in the coming weeks.
The cyberattack led GTCC to close all of its campuses across Guilford County and cancel all in-person classes Sept. 14, the day after it discovered the breach. GTCC campuses reopened the next day, but some face-to-face classes didn't meet again until Sept. 21. The college said in September that the cyberattack affected three computer systems used by students for advising, financial aid and class registration.
If you think you were a victim
GTCC has set up a telephone hotline for former students and employees who think they might have been victims of the ransomware attack but didn't get the Nov. 5 letter from the college.
The call center number is 833-256-3157. Callers must provide the number DB23621. Call center hours are 9 a.m. to midnight on weekdays and 11 a.m. to 8 p.m. Saturday and Sunday.
GTCC said the call center will take contact information from each caller. The college said it will contact callers within three days.
Contact John Newsom at 336-373-7312 and follow @JohnNewsomNR on Twitter.