The majority of the people affected had taken the GED test at the college's testing center in 2012 and 2013, the college said in a news release Tuesday.
Chattanooga State will provide free credit monitoring from Equifax for one year to those affected by the attack, the college said. The 1,244 people will be notified by mail, spokesperson Nancy Patterson said by phone.
Ransomware gang Snatch posted a listing for data from Chattanooga State on its website May 23 and updated the page June 22. While many ransomware groups post stolen data on the dark web, Snatch advertised the attack on a regular site.
The college chose not to engage with the attackers, Patterson said, on advice from the FBI, Tennessee Board of Regents and cybersecurity experts.
The Snatch listing also includes the names, phone numbers and emails for administrators at Chattanooga State.
"It's probably just a pressure play," Brett Callow, a cyber threat analyst at New Zealand-based information security company Emsisoft, said by phone. "Name and shame the decision makers at the college."
After the college discovered the breach May 6, it took its computer systems offline while the attack was investigated. The attack canceled classes at Chattanooga State for about two weeks in May, affecting 17 students, and delayed the start of summer classes, affecting about 500 students, according to the college.
Systems were then gradually brought back online, Patterson said, and an investigation found the breach appears limited to those 1,244 people. That's likely because the college's information technology team shut off access to its systems after learning of the attack, Patterson said.
"That's actually the way it should be," Callow said. "When you design a network you can segment, which is similar to locking the interior doors in your house to stop a burglar from being able to easily move from one room to another."
A backup of the college's data restored nearly all the affected computer systems, according to Patterson. Several days' worth of work from early May might have been lost in the attack, Patterson said, but still may be recovered manually.
Such data breaches can put people at risk of identity theft or extortion, Callow said.
©2023 the Chattanooga Times/Free Press (Chattanooga, Tenn.). Distributed by Tribune Content Agency, LLC.
