Pellissippi State Community College is sending out notifications today regarding a December 2021 data security incident. That incident may have resulted in unauthorized access to, or acquisition of, some personal information of our former and current students, faculty and staff, as well as participants in Tennessee Consortium for International Studies (TNCIS) programs. Notification is being sent upon conclusion of the subsequent cyber forensics investigation.
The forensics investigation revealed that the ransomware attack was focused primarily on encrypting Pellissippi State’s data to force a ransom payment. The college’s main database and credit card payment systems were not involved in the attack, and no data from those systems was accessed by unauthorized users. However, the investigation confirmed unauthorized access to one system that included basic directory information such as names, email addresses, P numbers (internal ID numbers) and Pellissippi State passwords.
The investigation also concluded that it was impossible to determine with certainty whether any additional personally identifiable information was accessed. Therefore, Pellissippi State is urging all persons who have provided data to the college to take action to protect themselves from identity theft. Free credit monitoring is being made available to individuals potentially affected by this possible breach.
“Our students and employees entrust us with important information, and we take that responsibility very seriously,” said L. Anthony Wise Jr., president of Pellissippi State. “Unfortunately, despite our best efforts at data protection, as the investigation into the cyberattack progressed, it became clear that we could not conclude that there was no exposure of personal information. We are notifying members of the college community of this incident and want those who may have provided personal information to the college to be aware of how they can protect themselves.”
Pellissippi State has sent email notices to all individuals with email addresses in its database. This email included a code to sign up for the credit monitoring service. If you did not receive a code and believe you may have been affected or if you have questions, please contact the toll-free hotline at 1-855-604-1808 between Feb. 2 and May 2 or email cyberresponse@pstcc.edu. As always, individuals should monitor activity on their online accounts and report any suspicious behavior to the appropriate authorities.
“Regrettably, attacks by cybercriminals are much more common and are an inherent risk in today’s online environment,” said Pellissippi State Chief Information Officer Audrey Williams. “As soon as this incident was discovered, our Information Services staff acted swiftly to prevent further access by the attackers to our systems. We have been working diligently to restore our online services in a way that will better defend Pellissippi State from future cyberattacks.”
The college has set up a web page at www.pstcc.edu/cyberattack with more detailed information on the event itself and how individuals can protect themselves against potential misuse of personal information.
###