Bristol Community College has disclosed a data breach that compromised more than 50,000 Social Security numbers, according to information received by the Maine Attorney General.
The disclosure was made by the Massachusetts educator on May 10th, which sent a letter of notification to the 56,400 victims. Of these, only 277 reside in Maine. The state has unusually stringent reporting requirements from organizations hit by cyberattacks that affect its citizens.
In the letter, the college said had it discovered “unauthorized access” to its network by suspected threat actors between December 14th and 23rd, although according to the Maine Attorney General this discovery was not made until April 10th.
Bristol Community College says it immediately launched an investigation with cybersecurity professionals to locate and repair the breach, which exposed the victims’ names and Social Security numbers.
“We simultaneously worked around the clock to restore our current systems,” it stated. “We also promptly reported the intrusion to federal authorities. This was an arduous task requiring significant effort, as the college’s systems have many layers, access points, and security stop gaps.”
The college says that as far as it is aware, no identity-based fraud has occurred as a result of the data theft. It has offered the victims free annual credit monitoring to protect them from such scams.
“Please accept our sincere apologies that this incident occurred,” it added. “It is distressing that we have been victims of this terrible and all-too-common crime. Bristol Community College is committed to evaluating our internal controls and instituting further security measures to protect personal information.”
Nevertheless, the incident must be quite an embarrassment to the college, which offers courses in cybersecurity training as part of its wide-ranging roster of disciplines.
More from Cybernews:
Subscribe to our newsletter