University of Minnesota updates on July data breach

(ABC 6 News) – Investigation into a reported data breach in July revealed that the intruder likely gained unauthorized access to university databases some time in 2021.

On July 21, 2023, the University of Minnesota learned that a person claimed to have posted admissions, race and ethnicity information held in a UMN database.

University investigators conferred with forensics professionals to determine that the claim was credible and ensure University security moving forward. The University states “incident has not affected University operations.”

Potentially affected information could include the full names, addresses, telephone number, Social Security number, driver’s license or passport information, University identification number, birthdate and demographic information, admissions applications, employment information, as well as other information provided to the University.

Affected individuals can include prospective students and their guardians, active students, University employees and “other persons” (University volunteers, temporary workers, spouses/partner of some University administrators) from 1989 to 2021.

The University’s investigations have not shown evidence that donation, medical treatment, password or credit card information was in the breached database.

In response to the data breach, the school said it is “bolstering its overall security system, including increasing data access control measures, reducing the number of people authorized to access sensitive information, expanding multi-factor authentication and other security measures, and increasing monitoring for suspicious activities.”

Affected individuals will receive an email from the University of Minnesota. The email will come from data-incident@notification.umn.edu. Additional questions can be answered or asked at system.umn.edu/data-incident.