A recent breach of Columbia University’s computer systems compromised personal information of about 870,000 people, including students and applicants, according to the school’s reports to state officials in the US.
The hack included “any personal information” provided in connection with applications or was collected during students’ studies, according to drafts of letters from the university to potentially affected individuals. That includes contact details, demographic information, academic history, financial aid-related information and insurance and health-related data shared with the university, the letters state.
The university’s investigation is ongoing and the school is still working to determine the number of individuals impacted, a Columbia official said Friday. The school will continue to notify people who have been affected, the official said.
The details were included in reports Columbia made Thursday to state officials in Maine and California, according to the websites of their attorneys general. Both states require organizations to report breaches “without unreasonable delay” when their residents’ data is involved.
Hacked Columbia University Data Includes Banking Numbers, GPAs
In June, Columbia began investigating a potential cyberattack following an IT outage at the school. The breach affected 868,969 people, according to Columbia’s report to the office of the Maine Attorney General. The letters show the incident dates to about May 16, weeks before the outage that brought many of the school’s computer systems to a halt.
Columbia previously said the breach also included personal information about employees, though Thursday’s letters don’t specifically mention that leak. Bloomberg News previously reported that financial and academic information — such as class schedules, grade-point averages and bank information — was among the pilfered data.
A university official previously described the perpetrator as a politically motivated “hacktivist.”
“We have implemented a number of safeguards across our systems to enhance our security,” the university said in the letters submitted to the states. “Moving forward, we will be examining what additional steps we can take and additional safeguards we can implement to prevent something like this from happening again.”
Was this article valuable?
Here are more articles you may enjoy.
Companies Spending Record Amounts to Protect Executives as Threats Rise 
From Golf Greens to Sausage Fests: The Wild World of Prize Insurance 
Parrish Named CEO of Howden US, Is Sued by Former Employer Marsh 
Delay in Upping Its Claims Offer Could Cost AIG, Federal Appeals Court Says 
