Columbia University Data Breach Exposes 870,000 People

Columbia University has disclosed a major cybersecurity incident affecting nearly 870,000 individuals, exposing sensitive personal, financial, and health records. The breach, which occurred in mid-May, compromised data belonging to current and former students, employees, applicants, and their families.

As one of the oldest and most prestigious Ivy League institutions, Columbia University operates with a $6.6 billion annual budget and serves over 35,000 students across its 19 schools and specialized programs. The breach was detected in late June after system disruptions prompted an investigation involving external cybersecurity experts. University officials later confirmed unauthorized access to their network, though no patient records from Columbia University Irving Medical Center were affected.

The stolen data includes names, birth dates, Social Security numbers, contact details, academic records, financial aid information, and health-related documents. While there’s no evidence of misuse so far, the university is offering affected individuals two years of complimentary credit monitoring, fraud consultation, and identity theft recovery services through Kroll.

Initial reports suggested hackers exfiltrated 460 gigabytes of data, though the full scope wasn’t confirmed until this week. Notification letters were mailed to impacted parties, detailing the extent of the exposure and steps to mitigate risks. Columbia has urged vigilance against potential phishing scams or fraudulent activity linked to the breach.

The university continues working with law enforcement and cybersecurity firms to strengthen its defenses, emphasizing its commitment to safeguarding community members’ information. Those affected are advised to monitor financial accounts and credit reports for suspicious activity while utilizing the provided protective services.

(Source: Bleeping Computer)