Greenville Technical College

Greenville Technical College experienced a ransomware attack.

The threat actors had exfiltrated more than 600 GB of data including the personal information of staff and students.

The attackers had been able to breach three servers and storage for three workstations by exploiting a vulnerability in the college’s virtual private network.

Compromised data included Social Security numbers, driver’s license numbers, medical information, bank information, and applications, of students and employees.

Source: https://www.databreaches.net/greenville-technical-college-claims-no-personal-data-affected-by-ransomware-incident-threat-actors-claim-otherwise/

TPRM report: https://scoringcyber.rankiteo.com/company/greenville-technical-college

"id": "gre12225123",
"linkid": "greenville-technical-college",
"type": "Ransomware",
"date": "08/2020",
"severity": "100",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'industry': 'Education',
                        'name': 'Greenville Technical College',
                        'type': 'Educational Institution'}],
 'attack_vector': 'Exploiting vulnerability in VPN',
 'data_breach': {'data_exfiltration': 'More than 600 GB',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal information',
                                              'Social Security numbers',
                                              'Driver’s license numbers',
                                              'Medical information',
                                              'Bank information',
                                              'Applications']},
 'description': 'Greenville Technical College experienced a ransomware attack '
                'where threat actors exfiltrated more than 600 GB of data '
                'including the personal information of staff and students. The '
                'attackers breached three servers and storage for three '
                'workstations by exploiting a vulnerability in the college’s '
                'virtual private network. Compromised data included Social '
                'Security numbers, driver’s license numbers, medical '
                'information, bank information, and applications, of students '
                'and employees.',
 'impact': {'data_compromised': ['Social Security numbers',
                                 'Driver’s license numbers',
                                 'Medical information',
                                 'Bank information',
                                 'Applications'],
            'systems_affected': ['Three servers',
                                 'Storage for three workstations']},
 'initial_access_broker': {'entry_point': 'VPN vulnerability'},
 'motivation': 'Data exfiltration and ransom',
 'ransomware': {'data_exfiltration': 'More than 600 GB'},
 'title': 'Greenville Technical College Ransomware Attack',
 'type': 'Ransomware',
 'vulnerability_exploited': 'Vulnerability in the virtual private network'}

Greenville Technical College

Dansons

TEP Holdings, LLC

Bolton Global