Texas State Technical College (TSTC) Waco is notifying almost 3,000 former students and fewer than 2,000 employees that personal information may have been compromised after an unauthorized party remotely gained access to a server that contained the data.
How many victims? 2,867 former students and less than 2,000 employees.
What type of personal information? For former students, names and Social Security numbers were among the information. The employee files that may have been accessed contained employee-identifying information on conducting college business.
What happened? A network security analyst in the Office of Information Technology at TSTC discovered that a server containing the information was remotely accessed by an unauthorized party.
What was the response? TSTC immediately took down the server, deleted the files containing the data and repaired the vulnerability. The college opened an investigation with law enforcement and additionally hired a forensic team to investigate the matter. All impacted individuals are being notified and offered a free year of credit monitoring and identity theft protection services.
Details: TSTC learned about the incident on Jan. 30. The impacted students attended TSTC Waco during the summer and fall of 2006, and the spring and summer of 2007.
Quote: “Although we have no evidence at this time that any data was actually stolen, we wanted those affected to be alerted to the incident and to the possibility that a theft of TSTC data may have occurred,” according to a notification on the TSTC website.
Source: tstc.edu, “Unauthorized Server Access,” Feb. 14, 2014.