You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

College Hacked, Students Exposed

Hackers stole sensitive data on over 40,000 students. Now for the school's recovery.

Attacks on school after school after school...

Schools are under attack. Again and again.

Students and faculty at North Carolina's Guilford Technical Community College (GTCC) are the latest victims.

In an attack last month, hackers stole sensitive data on as many as 43,000 current and former students and faculty at the school. All of this using the infamous DoppelPaymer Ransomware variant.

More than 43,000 students’ names, date of birth, Social Security number, postal address, phone number and GTCC email addresses were found online.

DoppelPaymer is one of the more vicious forms of Ransomware that allows the hacker to steal tons of data before encrypting (i.e. locking) the network. It's only after the data is successfully stolen that they announce their presence and demand their eye-watering ransom demand.

The attack shut down critical computer systems and even forced administrators to cancel classes. With the broad rollout of online learning, many schools have faced additional challenges.

Researchers discovered a student's unencrypted personal information in five different online files purportedly taken during the cyberattack.

Operations at the school effectively ground to a halt as they dug through the attack to understand what had been stolen and what was lost. Affected services include class registration and financial aid offices.

As of this writing, the school has not paid the ransom. Recent US Treasury regulations levy huge penalties on people and organizations who pay Ransom demands to sanctioned groups.

School faculty and administrators already have a ton on their plates, and cybercriminals know just the right tactics to compromise schools.

The good news is that these hacks can be stopped!

The first step is training your team to avoid the initial Phishing email, the ones that school employees are getting every single day.

Are you ready to take action?
We make it easy to protect your team from attacks just like this one. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

Want a quick quote? Hit us up here! (No sales call necessary!)

Original article here.

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.