An unknown threat actor has stolen the sensitive information, including personal, financial, and health information, of 868,969 Columbia University current and former students, applicants and employees, after breaching the university’s network in May 2025.
The breach was discovered and reported to law enforcement authorities following an outage that affected some of its systems on June 24.
“Last week, we reported a technical outage that disrupted certain parts of our IT systems.” says a July 1 statement made by the university. “We immediately began an investigation with the assistance of leading cybersecurity experts and after substantial analysis determined that the outage was caused by an unauthorized party”.
The affected information includes Social Security numbers, contact details, demographic information, academic history, financial aid-related information, insurance-related information, and certain health information.
In an August 5 statement, Columbia University is offering two years of free credit monitoring and identity protection services to the impacted individuals.
Read more about it here.