The unknown risk actor stole delicate private, monetary and well being data from practically 870,000 present and former Columbia College college students and workers after violating the college’s community in Might.
Based in 1767 as King’s School, Columbia College has a price range of $6.6 billion in 2024, with a price range of $6.6 billion in 2024, with over 20,000 workers, together with 4,700 educational employees, and greater than 35,000 registered college students from 19 colleges and particular applications.
The violation was found and reported by legislation enforcement following an investigation supported by exterior cybersecurity specialists, following an outage that affected components of the system on June twenty fourth.
In a letter of discover filed within the Maine Legal professional Basic’s Workplace on Thursday, August 7, the college mentioned the info breach would have an effect on 868,969 people, together with workers, candidates, present and former college students and households.
“Our analysis decided that on or round Might 16, 2025, an unauthorized third celebration had entry to the Columbia community after which obtained sure recordsdata from our system,” Columbia College mentioned. “So far, there isn’t any proof that affected person information at Columbia College Irving Medical Middle have been affected.”
The college reported final week that it first confirmed the theft of knowledge, and that it subsequently claimed that hackers had stolen 460 gigabytes of knowledge from the compromised system.
On Wednesday, the college issued one other assertion confirming that the stolen knowledge belongs to present and former college students, candidates and a few Colombian workers.
Stolen knowledge features a mixture of private, monetary and well being data, in response to letters despatched to affected people by way of the US postal service.
“The affected knowledge included your identify, date of delivery, Social Safety quantity, and private data you offered in connection along with your software to Colombia, or any private data you collected throughout your analysis if you happen to registered,” the college added.
“This included contact particulars, demographic data, educational historical past, monetary aid-related data, insurance-related data and well being data.”
Columbia College has no proof that knowledge has been misused in id theft or tried fraud, but it surely affords two years of free credit score surveillance, fraud session and id theft restore providers by way of Kroll.
