Columbia University has been targeted in a cyberattack where hackers stole the personal information of students, applicants, and employees.
The Ivy League school suffered an IT outage on June 24 and on July 1 it revealed that it was caused by hackers who may have stolen data from its network.
In an update shared on August 5, Columbia University said its investigation found that the intruders obtained information about students and applicants, including files related to admission, enrollment, and financial aid. The hackers also obtained the personal information of some employees.
The compromised information includes contact details, Social Security numbers, demographic information, academic history, financial aid information, insurance information, and some health information.
Patient records of the Columbia University Irving Medical Center were not obtained by the hackers, the university highlighted.
- Columbia University recently told the Maine Attorney’s General Office, which requires organizations that suffer a data breach to disclose the total number of affected individuals, include Contact details, demographic information, academic history, financial aid information, health insurance information and more were accessed by the hackers. Columbia said 868,969 people were affected.
Affected individuals are being notified and offered two years of free credit monitoring, fraud consultation, and identity theft restoration services.
The investigation is ongoing, but the university believes the attackers gained unauthorized access to its systems around May 16.
While the organization’s description of the incident suggests that it may have been targeted in a ransomware attack, SecurityWeek has not seen any known threat group taking credit for the attack on Columbia University.
The incident caused widespread issues for Columbia students, who could not access email accounts and platforms for assignments.
(Courtesy: security week)
