An unknown hacker has stolen the sensitive personal, financial and health information of nearly 870,000 people in a major data breach at Columbia University.
As reported by Bleeping Computer, the breach, which was discovered and reported to law enforcement after a June 24th outage affected some of the university's systems, impacts current and former students, family members, employees and applicants.
Here's everything you need to know about this latest data breach including some tips and tricks to stay safe from hackers using this stolen information in their attacks.
Exposed student and alumni data
If you're a current or past Columbia student, the following data may have been exposed as a result of this breach:
- Full names
- Dates of birth
- Social Security numbers
- Contact details
- Demographic information
- Academic history
- Financial aid-related information
- Insurance-related information
- Health information
Compromised university systems
In a sample notification letter filed with the Maine Attorney General’s office on August 7th, the University stated that an “unauthorized third-party gained access to Columbia’s network and subsequently took certain files from our system,” but said that they had no evidence that any of the patient records from Columbia University Irving Medical Center had been affected. Following an investigation with support from external cybersecurity experts, the University was able to determine that the breach exposed the data of 868,969 individuals.
The alleged hacker claims to have 460 stolen gigabytes of data from the compromised systems last week, causing the university to confirm the data theft and issue an additional statement about who had been affected by the breach.
Those whose data was exposed in the breach were sent letters through the mail with additional details, confirming that the stolen data included a combination of personal, financial and health information: “The affected data included your name, date of birth, and social security number, as well as any personal information that you provided in connection with your application to Columbia, or that we collected during your studies if you enrolled.” The University also stated the breach “Included your contact details, demographic information, academic history, financial aid-related information, and any insurance-related information and health information that you shared with us.”
Columbia University has said it will provide those affected by the breach with two years of free credit monitoring, fraud consultation and identity theft restoration services through Kroll, although there is no evidence as of yet that the data has been used in any identity theft or fraud attempts.
How to stay safe
The best way to protect yourself after a data breach is by using one of the best identity theft protection services. However, in order to get access to the identity theft insurance and extra support these services provide, you need to sign up before falling victim to a data breach.
While the best antivirus software will also help protect you and your devices from malware and online threats, identity theft protection is more useful after a major data breach.
It's also important to stay vigilant against phishing and social engineering attacks, and to monitor your accounts for suspicious activity. The best way to stay safe against phishing is to avoid clicking on any links, QR codes or attachments in an email or message from an unknown sender.
In order to protect yourself against most common social engineering attacks, it’s always best to be wary anytime you're approached through social media or by contacts offering opportunities that seem to good to be true A quality antivirus software will provide different features to keep you safe online including one of the best VPNs with browser-level privacy protection.
Hackers have recently been going after healthcare providers but this data breach at Columbia could be sign that they're once again targeting schools, colleges and other educational institutions. This is why you need to be extra careful online, practice proper cyber hygiene and educate yourself about the latest online scams and cyberattacks, especially with back to school right around the corner.
Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.
More from Tom's Guide
- Hackers are abusing this Intel tool to disable Windows 11's built-in antivirus — don't fall for this
- From AI training to banning VPNs – here are 8 questions the internet is asking about the Online Safety Act
- Jury finds Meta illegally collected data from women's health app Flo — what you need to know
