Reveal personal data of more than 1.3 million people from a vulnerability in web application
Georgia Tech (Georgia Institute of Technology) - one of the largest US education institutions recently announced the discovery of a serious data breach targeting its system, affecting nearly 1.3 million people. .
More specifically, according to a message from Georgia Tech posted on April 3, 2019, the organization's security experts discovered an unauthorized access to its web application, at the same time. Disclosure of personal information of nearly 1.3 million people who once connected with Georgia Tech including faculty, students, staff, and even high school and college students.
- Hackers antivirus application preinstalled on Xiaomi phones into malware
Basically, there was a security hole in the Web application of Georgia Tech that was exploited by hackers to gain unauthorized access to the personal information store stored on the agency's network. Web developers at Georgia Tech are now investigating a number of issues related to the performance of one of the web applications they consider contain unauthorized access. The initial investigation showed that in fact, the incident began in mid-December last year, specifically on December 14, 2018.
Carefully analyzing the FAQ for data breach notification by Georgia Tech, the agency's application developers have noticed a significant impact on performance in one of their web applications. me Therefore, they began a secret investigation on March 21, 2019, and the result is as we know it.
- Insider attacks are becoming more and more popular and difficult to detect
For a while, Georgia Tech discovered that the breach led to personal data including names, addresses, internal identification numbers, birth dates and social security indicators of current students. study, alumni, faculty and also staff, as well as the institute's college-preparatory candidates who have been hacked by unauthorized attackers and may have been 'out Outside 'on the black market trading data. Georgia Tech has begun sending detailed notices to affected individuals as soon as the case is discovered.
Unfortunately, at the present time, the security team of this institute has not been able to identify the identity and origin of those behind the serious infringement. The only information that Georgia Tech could claim was that their central data warehouse was 'illegally accessed by an unidentified entity outside the intranet system'. Current thorough forensic investigations are being rushed to determine exactly what information is extracted from the system (including names, addresses, social security numbers and birth dates), not exclude the possibility that Georgia Tech will have to resort to the help of federal security agencies if things go out of their control.
- The list of nearly 600 MAC addresses was targeted in the recent hacking of millions of ASUS computer users
Currently, the vulnerability to this serious security issue has been patched, and Georgia Tech is also actively monitoring and dealing with vulnerabilities that may exist in its network. The US Education Administration and the University of Georgia System have now been notified of the case as well as details of the ongoing investigation.
This is the second security incident affecting Georgia Tech in just one year. According to DataBreaches.net's report, in July 2018, nearly 8,000 students were affected by a breach of personal data stemming from the unfortunate reason when an Georgia Tech employee was unconscious. attached to a spreadsheet file containing confidential student data and emailed to other students. In this case, shared data includes ID numbers, home addresses, Visa information, GPA and student learning outcomes.
You should read it
- What is data leakage?
- What you need to know about an information security analyst
- 5 types of data theft you should know to prevent
- Data of more than 20 million Taiwanese citizens leaked on the dark web
- 4 web browsers pay great attention to security
- Survey: People tend to easily lose personal data regardless of the consequences
- 10 biggest data leaks in the world in 2018
- There were 12,449 serious data breaches recorded in 2018, an increase of 424% compared to 2017
May be interested
- Backup personal data on Facebook, Twitter and Google+if you are a regular user of social networks to post personal updates, exchange and chat ... then surely you will be interested in saving your personal data online.
- Instructions for creating GPG keys to encrypt and secure personal datagpg is known as an application that supports encryption of files, emails, and messages to secure important information. many people will think that encryption is very complicated and difficult to do. with the instructions for creating gpg keys to encrypt and secure personal data that tipsmake introduces below, you will see that this is not that difficult.
- 773 million emails, 21 million passwords were revealed on the Internet, this is the largest personal data leak in history772.904,991 emails and 21,222,975 user passwords have been shared publicly on the internet. this is the largest data leak by scale and is named collection # 1.
- Hacker Instagram offered to sell personal information of 6 million accounts on DoxaGraminstagram has been stolen large-scale data when an unknown hacker snatched up personal information of more than 6 million instagram accounts.
- 267 million Facebook user data has been stolen and sold267 million personal data of users on this platform are being sold for cheap at $ 600 on the dark web!
- A 14-year-old child who has found a FaceTime error on iOSnot a technology expert but a 14-year-old boy who discovered the vulnerability could be eavesdropped on apple's facetime application.
- Personal data of more than 500 million LinkedIn users was leakedlinkedin is a social network for the business community and is currently widely used by many users. about 500 million linkedin users have been exposed to personal information.
- Survey: People tend to easily lose personal data regardless of the consequencesthis is the conclusion made after the survey by thebestvpn, one of the most popular virtual private network (vpn) service providers in the world.
- Hackers sell personal data of millions of people in Moscow for only $800an unidentified group of hackers is selling a package of stolen databases containing 50 million records of data related to transportation activities in moscow, russia.
- An online dating application hacked, 3.6 million users affectedthe relatively detailed personal information of 3,688,060 users of the popular online dating app mobifriends has been publicly posted by the hacker and is now available for download.