Columbia University data breach impacts nearly 870,000 individuals
哥伦比亚大学遭遇网络攻击,约87万名学生和员工的敏感个人信息被盗。攻击者于5月入侵该校网络并窃取文件。学校于6月24日发现系统故障后报警,并于8月7日向受影响者发出通知函。泄露数据包括姓名、出生日期、社会安全号码等。学校未发现患者记录受影响,并将为受影响者提供两年免费信用监控服务。 2025-8-8 08:45:17 Author: www.bleepingcomputer.com(查看原文) 阅读量:18 收藏

Columbia University

​An unknown threat actor has stolen the sensitive personal, financial, and health information of nearly 870,000 Columbia University current and former students and employees after breaching the university's network in May.

Established in 1767 as King's College, Columbia University is a private Ivy League research university with a budget of $6.6 billion in 2024, over 20,000 employees, including 4,700 academic staff, and over 35,000 enrolled students across 19 schools and special programs.

The breach was discovered and reported to law enforcement authorities following an outage that affected some of its systems on June 24, following an investigation with support from external cybersecurity experts.

In notification letters filed with the office of Maine's Attorney General on Thursday, August 7, the university said that the data breach affects 868,969 individuals, including employees, applicants, current and former students, and family members.

"Our investigation determined that, on or about May 16, 2025, an unauthorized third-party gained access to Columbia's network and subsequently took certain files from our system," Columbia University said. "To date, we have no evidence that any Columbia University Irving Medical Center patient records were affected."

The university first confirmed the data theft last week in a statement, following reports that the alleged hacker claimed to have stolen 460 gigabytes of data from the compromised systems.

On Wednesday, the university issued another statement, confirming that the stolen data belongs to current and former students, applicants, and some Columbia employees.

According to the letters sent to affected individuals via the U.S. Postal Service, the stolen data includes a combination of personal, financial, and health information.

"The affected data included your name, date of birth, and Social Security number, as well as any personal information that you provided in connection with your application to Columbia, or that we collected during your studies if you enrolled," the university added.

"This included your contact details, demographic information, academic history, financial aid-related information, and any insurance-related information and health information that you shared with us."

While Columbia University has no evidence that the data has been misused in identity theft or fraud attempts, it will provide two years of free credit monitoring, fraud consultation, and identity theft restoration services through Kroll to those impacted by this data breach.


文章来源: https://www.bleepingcomputer.com/news/security/columbia-university-data-breach-impacts-nearly-870-000-students-applicants-employees/
如有侵权请联系:admin#unsafe.sh