x
Breaking News
More () »

U of M releases new details on those impacted by data breach

The university previously confirmed they became aware of the claimed data breach on July 21, with an "unauthorized party" claiming to possess sensitive data.

MINNEAPOLIS — The University of Minnesota (U of M) is sharing new details about information that was likely accessed by a hacker during a data breach back in 2021.

In August, a U of M spokesperson confirmed that the university and a private firm were investigating the reported breach by an individual claiming to have accessed sensitive information about students, school employees and those who had taken part in U of M programming between 1989 and August 2021.

A lawsuit by two former U employees was filed just days after the revelations, with the plaintiffs seeking class-action status so others could join. 

On Thursday, Sept. 21, the university provided more details about what kind of data was accessed and whose information may have been compromised. The hacker may have access to an individual's name, address, telephone number, Social Security number, driver’s license or passport information, University identification number, birthdate, demographic information, admissions applications, and employment information, among other things.  

  • Prospective Students (and certain parent or guardian data): Information supplied in admissions or financial aid applications submitted directly to the University or through the standard Free Application for Federal Student Aid (FAFSA) form, including student and parent or guardian names, contact information, Social Security numbers, dates of birth, student high school and high school grade information, standardized test scores, demographic information and family income.
  • Students: Information related to the individual’s education, including student contact information and parent or guardian names and addresses, student email addresses, Social Security number, student ID number, date of birth, classes, grades, demographic information, insurance policy number, loan data, degree, and diploma year.
  • Employees: Information related to the individual’s work, including name and address, email address, Social Security number, employee ID number, date of birth, driver’s license or identification card, and payroll information (but not bank account information).
  • Other Persons: Similar categories of information as described above, if provided by individuals with unpaid University appointments, those who performed work for the University, those who received taxable payments from the University, and University volunteers or spouses/partners of certain University administrators.

The University says it immediately contracted with forensics professionals to investigate whether the hacker's claim was credible and ensure the security of the U's computer systems. After an extensive probe, the U of M determined that unauthorized access to a University database did take place in 2021. 

Notices are being sent out to those potentially affected for whom the U has an email address. The email will come from a special U of M account and provide more detail about steps being taken in response to this incident. Instructions on signing up for free credit checks and identity monitoring services will be included in that email. 

The university is also giving a heads-up to potential victims via campus websites. 

WATCH MORE ON KARE 11+

Download the free KARE 11+ app for Roku, Fire TV, Apple TV and other smart TV platforms to watch more from KARE 11 anytime! The KARE 11+ app includes live streams of all of KARE 11's newscasts. You'll also find on-demand replays of newscasts; the latest from KARE 11 Investigates, Breaking the News and the Land of 10,000 Stories; exclusive programs like Verify and HeartThreads; and Minnesota sports talk from our partners at Locked On Minnesota. 

Watch more local news:

Watch the latest local news from the Twin Cities and across Minnesota in our YouTube playlist:

Before You Leave, Check This Out