Dec 22, 2016 | Atlanta, GA
Georgia Tech Human Resources notified employees Thursday morning of a data breach that occurred in Tech’s systems earlier this month.
On Dec. 12, a Georgia Tech employee conducted research on a trusted website that had been compromised by a malicious software known as ransomware. The ransomware infiltrated the employee's computer, which was connected to Georgia Tech's network, allowing access to a variety of files — some of which included sensitive, personal information of current and past Georgia Tech employees.
Although the system was compromised for less than 30 minutes, data elements such as names, Social Security numbers, addresses, benefit elections, and, in a few instances, bank account numbers were potentially exposed. Georgia Tech Cyber Security quickly intervened to stop the breach and has successfully restored and secured the impacted systems. A full investigation is underway.
Out of an abundance of caution, Human Resources has notifed by email those who may be affected and will send a mailed letter to homes in the next week. The Institute is offering a complimentary one-year subscription to Legal Club of America (LCA), which offers an identity theft program providing identity monitoring, recovery, legal care, and other services.
Enrollment will be automatic, and LCA will contact employees directly via mail within the next month with further information. (Due to the holiday weekend, LCA will first be available to respond to any inquiries on Tuesday, Dec. 27.)
Georgia Tech also has proactively taken the step of notifying major credit agencies. Employees should consider taking additional steps to protect themselves. See the Human Resources site for more information.
Any additional developments and information will be made available on the Georgia Tech Human Resources website at ohr.gatech.edu/2016databreach. Questions and concerns related to the breach can be directed to firstname.lastname@example.org.