Breach cyber

Northern Arizona University

Jan 12, 2026 1 min read
Northern Arizona University

Northern Arizona University (NAU) suffered a data breach where unauthorized actors gained access to employee email accounts between February 7–8, 2022. The incident was disclosed over a year later, on April 5, 2023, by the Vermont Office of the Attorney General. While the exact scope of the breach including the number of affected individuals and the types of compromised data remains undisclosed, the unauthorized access to employee emails suggests potential exposure of sensitive internal communications, personally identifiable information (PII), or institutional data. The delay in reporting raises concerns about detection capabilities and transparency. Given the target (employee accounts), the breach likely involved internal operational or HR-related data, though the absence of confirmed details leaves the full impact ambiguous. The university’s response timeline and mitigation measures were not specified in the report.

Source: https://ago.vermont.gov/document/2023-04-05-northern-arizona-university-data-breach-notice-consumers

TPRM report: https://www.rankiteo.com/company/nau-office-of-the-provost

"id": "nau349090725",
"linkid": "nau-office-of-the-provost",
"type": "Breach",
"date": "2/2022",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Higher Education',
                        'location': 'Flagstaff, Arizona, USA',
                        'name': 'Northern Arizona University',
                        'type': 'Educational Institution'}],
 'date_publicly_disclosed': '2023-04-05',
 'description': 'The Vermont Office of the Attorney General reported that '
                'Northern Arizona University experienced a data breach '
                'involving unauthorized access to employee email accounts from '
                'February 7, 2022, to February 8, 2022. The incident was '
                'reported on April 5, 2023, but the number of individuals '
                'affected and the specific types of information compromised '
                'remain unknown.',
 'impact': {'systems_affected': ['Employee email accounts']},
 'references': [{'source': 'Vermont Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Vermont Office of the '
                                                        'Attorney General']},
 'title': 'Northern Arizona University Email Account Data Breach',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.