CMU Acknowledges Cyber Attack and Data Breach Affecting 7,343 Individuals

Summary

On August 25, 2023, Carnegie Mellon University (CMU) experienced a cyberattack resulting in unauthorized access to a university computer system. This incident compromised the personal information of over 7,300 individuals, including current and former students, employees, applicants, and contractors. CMU promptly secured the system and engaged law enforcement to investigate the breach. The university has since completed its investigation and notified those potentially affected. As a precautionary measure, CMU is providing credit monitoring and other services through Experian to impacted individuals.

Details of the Cyber Attack

On August 25, 2023, CMU’s Information Security Office detected suspicious activity on a university computer system. Upon further investigation, it was determined that a third party had gained unauthorized access to files containing personal information. The university immediately took action to secure the system and prevent further unauthorized access. CMU also engaged law enforcement to assist in the investigation.

Scope of the Data Breach

The cyberattack compromised the personal information of approximately 7,343 individuals associated with CMU. This includes current and former students, employees, applicants, and contractors. The specific types of personal information affected may vary depending on the individual but could include names, addresses, dates of birth, and social security numbers.

CMU’s Response and Notification

CMU promptly secured the affected system and engaged law enforcement to investigate the incident. The university also conducted a thorough investigation to determine the extent of the breach and identify those potentially affected. CMU has since sent notifications to individuals whose information may have been compromised. The university is offering credit monitoring and other services through Experian to impacted individuals to help protect them from potential fraud or identity theft.

Growing Trend of Cyberattacks on Educational Institutions

Cyberattacks targeting colleges and universities have been on the rise in recent years. In 2023 alone, several educational institutions worldwide fell victim to cyberattacks. In December 2023, market research company KonBriefing reported that cyberattackers targeted institutions in four different countries, including Canada, Austria, Lithuania, and Australia.

Conclusion

CMU’s cyberattack and data breach highlight the growing threat that cybercriminals pose to educational institutions. The university’s prompt response and notification to impacted individuals demonstrate its commitment to protecting the personal information of its community members. CMU’s provision of credit monitoring services through Experian is a commendable step to help those affected safeguard their financial information and protect themselves from potential fraud or identity theft. The university’s experience serves as a reminder to all educational institutions to prioritize cybersecurity measures and be prepared to respond effectively to cyberattacks.