Green Mountain Higher Education Consortium (GMHEC), a collaborative organization managing payroll, HR, and administrative services for Vermont-based colleges (Champlain College, Middlebury College, and Saint Michael’s College), suffered a data breach in late 2024. The incident involved unauthorized access to two employee email accounts between October 30, 2024, and November 20, 2024, exposing sensitive personally identifiable information (PII) of at least 3,184 individuals. Compromised data included Social Security numbers (SSNs) and full names, raising risks of identity theft and fraud.The breach was discovered on November 19, 2024, but notifications to affected individuals were delayed until October 29, 2025, nearly a year later. GMHEC disclosed the incident to the Maine and New Hampshire Attorney Generals and offered 12 months of free credit monitoring via TransUnion Cyberscout. Legal firms are investigating potential compensation claims for victims, citing negligence in safeguarding employee email systems and delayed breach notifications.
Source: https://www.claimdepot.com/investigations/green-mountain-college-data-breach-2025
TPRM report: https://www.rankiteo.com/company/green-mountain-higher-education-consortium
"id": "gre3402834103025",
"linkid": "green-mountain-higher-education-consortium",
"type": "Breach",
"date": "10/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '3,184 individuals',
'industry': 'Higher Education',
'location': 'Shelburne, Vermont, USA',
'name': 'Green Mountain Higher Education Consortium '
'(GMHEC)',
'type': 'Educational Consortium'},
{'industry': 'Higher Education',
'location': 'Burlington, Vermont, USA',
'name': 'Champlain College',
'type': 'Private College'},
{'industry': 'Higher Education',
'location': 'Middlebury, Vermont, USA',
'name': 'Middlebury College',
'type': 'Private College'},
{'industry': 'Higher Education',
'location': 'Colchester, Vermont, USA',
'name': 'Saint Michael’s College',
'type': 'Private College'}],
'attack_vector': 'Email Account Compromise',
'customer_advisories': ['Enroll in credit monitoring',
'Monitor financial accounts',
'Consider fraud alerts',
'Seek legal assistance if affected'],
'data_breach': {'data_exfiltration': 'Likely (data accessed by threat actor)',
'number_of_records_exposed': '3,184',
'personally_identifiable_information': ['Social Security '
'numbers',
'First and last '
'names'],
'sensitivity_of_data': 'High (includes Social Security '
'numbers)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)']},
'date_detected': '2024-11-19',
'date_publicly_disclosed': '2025-10-28',
'description': 'Green Mountain Higher Education Consortium (GMHEC) discovered '
'suspicious activity in its email environment on November 19, '
'2024. An investigation revealed that two employee email '
'accounts were accessed by a threat actor between October 30, '
'2024, and November 20, 2024. The breach exposed sensitive '
'personally identifiable information (PII) of at least 3,184 '
'individuals, including Social Security numbers and first/last '
'names. GMHEC began notifying affected individuals by mail on '
'October 29, 2025, and disclosed the breach to the Maine and '
"New Hampshire Attorney Generals' offices on October 28, 2025.",
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive PII',
'data_compromised': ['Social Security numbers',
'First and last names'],
'identity_theft_risk': 'High (due to exposure of SSNs and names)',
'legal_liabilities': 'Potential lawsuits and compensation claims '
'for affected individuals',
'systems_affected': ['Email environment']},
'initial_access_broker': {'entry_point': 'Compromised employee email accounts',
'high_value_targets': ['Payroll data',
'HR records',
'Benefits administration '
'data']},
'investigation_status': 'Ongoing (legal investigation by Shamis & Gentile '
'P.A.)',
'post_incident_analysis': {'root_causes': ['Unauthorized access to employee '
'email accounts']},
'recommendations': ['Enroll in free credit monitoring services (TransUnion '
'Cyberscout)',
'Monitor financial statements for suspicious activity',
'Place a fraud alert on credit reports',
'Request free annual credit reports from major bureaus',
'Seek legal counsel for potential compensation'],
'references': [{'source': 'Shamis & Gentile P.A. Investigation Notice'}],
'regulatory_compliance': {'legal_actions': 'Potential lawsuits by affected '
'individuals (investigation '
'ongoing by Shamis & Gentile P.A.)',
'regulatory_notifications': ['Maine Attorney '
'General',
'New Hampshire '
'Attorney General']},
'response': {'communication_strategy': ['Mail notifications to affected '
'individuals',
'Public disclosure via state Attorney '
'Generals'],
'incident_response_plan_activated': 'Yes (investigation '
'initiated post-detection)',
'recovery_measures': ['Offered 12 months of free TransUnion '
'Cyberscout single-bureau credit '
'monitoring'],
'remediation_measures': ['Notification to affected individuals',
'Disclosure to state Attorney '
'Generals']},
'stakeholder_advisories': ['Mail notifications to affected individuals'],
'title': 'Green Mountain Higher Education Consortium Data Breach',
'type': 'Data Breach'}