Massive Columbia University data breach affects nearly 900,000 past and present students - here's what was leaked, and how to stay safe

  • Columbia University files form with the Maine Attorney General’s Office
  • It confirmed the number of victims, and the type of data stolen
  • Victims are being offered free credit and identity theft monitoring services

A massive cyber incident affecting almost 870,000 Columbia University students, employees, and other individuals occurred in May 2025, the university has confirmed.

In a new filing with the Office of the Maine Attorney General, the university said in late June 2025 it experienced an outage in its IT systems, prompting an investigation with the support of third-party cybersecurity and forensics experts.

The investigation confirmed the outage was the result of a cyberattack, in which as-yet-unidentified perpetrators stole sensitive data on exactly 868,969 people, including employees, applicants, students (both current and former), and various family members.

460 GB of data taken

“Our investigation determined that, on or about May 16, 2025, an unauthorized third-party gained access to Columbia’s network and subsequently took certain files from our system,” Columbia University said.

“To date, we have no evidence that any Columbia University Irving Medical Center patient records were affected.”

The university recently started notifying affected individuals via letters which detailed the type of information stolen in the breach:

“The affected data included your name, date of birth, and Social Security number, as well as any personal information that you provided in connection with your application to Columbia, or that we collected during your studies if you enrolled,” the university apparently said.

“This included your contact details, demographic information, academic history, financial aid-related information, and any insurance-related information and health information that you shared with us.”

Some attackers confirmed the breach, and claimed to have stolen 460 GB of data. So far, there is no evidence that the data was abused in the wild, but Columbia University will provide victims with two years of free credit monitoring, fraud consultation, and identity theft protection services, through Kroll, regardless.

How to stay safe

While victims cannot directly do much about the stolen data, they can make sure the attackers don’t use it against them. The best course of action is to remain vigilant with incoming communications, especially those claiming to come from Columbia University.

Unsolicited emails, instant messages, or phone calls, particularly those “threatening” to terminate accounts or otherwise prevent services, are most likely bogus.

If you suspect you’re being targeted, the best course of action is to stop all communication, and then reach out to Columbia University directly, through proven channels.

Via BleepingComputer
