A hacktivist with a political agenda broke into Columbia University IT systems and stole targeted student data, including details from 2.5 million applications. The hacker provided 1.6 gigabytes of data to Bloomberg News, which included information on applicants' acceptance status, citizenship, university ID numbers, and academic programs. The hacker claimed to have obtained 460 gigabytes of data, including financial aid packages, employee pay, and 1.8 million Social Security numbers belonging to employees, applicants, students, and their family members. The university has not received a ransom demand and is investigating the scope of the theft.
Source: https://therecord.media/hacker-political-agenda-columbia-cyberattack
TPRM report: https://scoringcyber.rankiteo.com/company/columbia-university-information-technology
"id": "col416070325",
"linkid": "columbia-university-information-technology",
"type": "Breach",
"date": "7/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Education',
'location': 'New York, USA',
'name': 'Columbia University',
'type': 'Educational Institution'}],
'attack_vector': 'Unspecified',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': ['2.5 million applications',
'1.8 million Social Security '
'numbers'],
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Student data',
'Application details',
'Citizenship status',
'University ID numbers',
'Academic programs',
'Financial aid packages',
'Employee pay',
'Social Security numbers']},
'date_detected': '2023-06-24',
'description': 'A hacktivist with a political agenda broke into Columbia '
'University IT systems and stole targeted student data.',
'impact': {'data_compromised': ['Student data',
'Application details',
'Citizenship status',
'University ID numbers',
'Academic programs',
'Financial aid packages',
'Employee pay',
'Social Security numbers'],
'downtime': 'Intermittent',
'systems_affected': ['University IT systems',
'Website',
'Other systems']},
'initial_access_broker': {'high_value_targets': ['Student data',
'Application details',
'Citizenship status',
'University ID numbers',
'Academic programs',
'Financial aid packages',
'Employee pay',
'Social Security numbers'],
'reconnaissance_period': 'Two months'},
'investigation_status': 'Ongoing',
'motivation': 'Political agenda',
'references': [{'source': 'Bloomberg News'}],
'response': {'communication_strategy': 'Investigating the scope and will '
'share findings with the community',
'enhanced_monitoring': 'Continue to monitor closely for further '
'unlawful activity',
'recovery_measures': 'Recovered most systems quickly',
'third_party_assistance': ['Cyber forensics firm']},
'threat_actor': 'Hacktivist',
'title': 'Hacktivist Data Breach at Columbia University',
'type': 'Data Breach'}