Pellissippi State responds to cybersecurity incident

Pellissippi State Community College has notified 222 current and former students that their personally identifiable information may have been compromised when an unauthorized user accessed a college email address Jan. 9.

“The incident was limited to one general institutional email account and to a small population of individuals who had sent information to that account,” said Audrey Williams, Pellissippi State’s vice president for Information Services. “Pellissippi State believes this is an isolated incident, and it does not appear that any data have been disseminated to other people or sources.”

An investigation showed that of 1,800 emails in the account that was accessed by an unauthorized user, 222 contained sensitive information such as first name, last name, Pellissippi State username, student identification number, date of birth, driver’s license number and/or partial or full social security number.

“While we cannot confirm that data was viewed or copied from the account, we wanted to let you know about this incident out of an abundance of caution,” Williams wrote in the letter that was mailed to affected current and former students.

Although Pellissippi State immediately made changes to safeguard the email account that was compromised, the college is going a step further by offering the affected individuals credit monitoring and identity protection services for 12 months at no cost to them.

Pellissippi State recommends those affected place a fraud alert on their credit files and check their credit reports every three months for the next year, even if they do not find any signs of fraud on their reports.

“At Pellissippi State, we value everyone’s privacy,” Williams said. “We take this event, and the security of our information, very seriously. We are reviewing our policies and procedures to better protect against an event like this happening again in the future.”

The Tennessee Board of Regents, the State of Tennessee Department of Treasury and the United States Department of Education all have been notified, she added, and Pellissippi State continues to monitor the college’s network and accounts.

Those with additional questions should visit www.pstcc.edu/records/datafaq.