Campbell University: Campbell UniversityData Breach

Campbell University: Campbell UniversityData Breach

Campbell University Data Breach Exposes Sensitive Personal, Medical, and Financial Information

On April 1, 2026, North Carolina-based Campbell University detected a data breach involving unauthorized access to one of its cloud-based storage systems. The incident occurred between March 31 and April 1, with threat actor Inc Ransom later claiming responsibility for stealing 500 GB of sensitive data.

The compromised information includes a wide range of personal, medical, and financial records, such as:

  • Personal data: Names, addresses, Social Security numbers, driver’s licenses, passport details, student and government IDs, IRS identity protection PINs, parents’ pre-marriage surnames, digital signatures, geolocation data, and non-financial account credentials.
  • Medical data: Admission/discharge dates, medical record numbers, provider details, diagnoses, treatments, lab results, medications, mental health histories, service dates, and health insurance information.
  • Financial data: Account details, debit/credit card numbers, and individual taxpayer identification numbers.

The breach was first publicly disclosed on May 29, 2026, and reported to the Department of Health and Human Services. Legal teams are investigating the possibility of a class action lawsuit on behalf of affected individuals, with potential compensation for privacy violations, out-of-pocket costs, and other damages.

The incident underscores the risks of unauthorized access to large-scale sensitive datasets, particularly in educational and healthcare-adjacent institutions.

Source: https://www.classaction.org/data-breach-lawsuits/campbell-university-may-2026

Campbell University cybersecurity rating report: https://www.rankiteo.com/company/campbell-university

"id": "CAM1782253948",
"linkid": "campbell-university",
"type": "Ransomware",
"date": "3/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Education',
                        'location': 'North Carolina, USA',
                        'name': 'Campbell University',
                        'type': 'Educational Institution'}],
 'attack_vector': 'Unauthorized access to cloud-based storage system',
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': ['Names',
                                                         'Addresses',
                                                         'Social Security '
                                                         'numbers',
                                                         'Driver’s licenses',
                                                         'Passport details',
                                                         'Student and '
                                                         'government IDs',
                                                         'IRS identity '
                                                         'protection PINs',
                                                         'Parents’ '
                                                         'pre-marriage '
                                                         'surnames',
                                                         'Digital signatures',
                                                         'Geolocation data',
                                                         'Non-financial '
                                                         'account credentials',
                                                         'Medical record '
                                                         'numbers',
                                                         'Provider details',
                                                         'Diagnoses',
                                                         'Treatments',
                                                         'Lab results',
                                                         'Medications',
                                                         'Mental health '
                                                         'histories',
                                                         'Service dates',
                                                         'Health insurance '
                                                         'information',
                                                         'Account details',
                                                         'Debit/credit card '
                                                         'numbers',
                                                         'Individual taxpayer '
                                                         'identification '
                                                         'numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal data',
                                              'Medical data',
                                              'Financial data']},
 'date_detected': '2026-04-01',
 'date_publicly_disclosed': '2026-05-29',
 'description': 'On April 1, 2026, North Carolina-based Campbell University '
                'detected a data breach involving unauthorized access to one '
                'of its cloud-based storage systems. The incident occurred '
                'between March 31 and April 1, with threat actor Inc Ransom '
                'later claiming responsibility for stealing 500 GB of '
                'sensitive data. The compromised information includes '
                'personal, medical, and financial records such as names, '
                'addresses, Social Security numbers, medical histories, and '
                'financial account details. The breach was publicly disclosed '
                'on May 29, 2026, and reported to the Department of Health and '
                'Human Services. Legal teams are investigating a potential '
                'class action lawsuit.',
 'impact': {'data_compromised': '500 GB of sensitive data',
            'identity_theft_risk': 'High',
            'legal_liabilities': 'Potential class action lawsuit',
            'payment_information_risk': 'High',
            'systems_affected': 'Cloud-based storage system'},
 'investigation_status': 'Ongoing',
 'ransomware': {'data_exfiltration': 'Yes'},
 'references': [{'source': 'Cyber Incident Description'}],
 'regulatory_compliance': {'legal_actions': 'Potential class action lawsuit',
                           'regulatory_notifications': 'Reported to Department '
                                                       'of Health and Human '
                                                       'Services'},
 'threat_actor': 'Inc Ransom',
 'title': 'Campbell University Data Breach Exposes Sensitive Personal, '
          'Medical, and Financial Information',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.