In 2021, the University of Minnesota experienced a data incident involving unauthorized access to a database. The incident potentially affected individuals who submitted information to the university between 1989 and August 2021. The university has taken steps to enhance system security and offer support to those potentially affected.

How many accounts were compromised?

The University of Minnesota disclosed that approximately 1.3 million accounts were potentially compromised in the data breach.

What data was leaked?

The data exposed in the breach included personal details such as names, contact information, Social Security numbers, dates of birth, high school and grade information, standardized test scores, demographic information, family income, student ID numbers, classes, grades, and insurance policy numbers, among other information related to admissions, financial aid applications, and university affiliations.

How was University of Minnesota hacked?

The University of Minnesota's data breach involved unauthorized access to a database in 2021, with a person claiming to have posted admissions, race, and ethnicity information on the internet. Specific methods used by the hackers remain unclear.

University of Minnesota's solution

In response to the hack, the University of Minnesota took several measures to enhance its security and prevent future incidents. This included bolstering overall system security, increasing data access control measures, reducing the number of people authorized to access sensitive information, implementing multi-factor authentication, and increasing monitoring for suspicious activities.

he university also worked with law enforcement, regulatory officials, and cybersecurity experts to assess the situation and ensure the security of their electronic systems. Additionally, affected individuals were offered 12 months of free credit and identity monitoring services. However, specific details regarding the nature of the breach and the extent of the data compromised remain unclear.

How do I know if I was affected?

The University of Minnesota has not specifically mentioned reaching out to affected users in the available sources. If you believe you may have been affected by the breach and have not received any notification, you can visit HaveIBeenPwned to check your credentials. Additionally, you can sign up for notifications of future data breaches by submitting your email address on the platform.

What should affected users do?

In general, affected users should:

• Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.

• Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

• Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

• Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective platform or service provider.

For specific advice on the University of Minnesota's data breach, please contact the University of Minnesota's support directly. Unfortunately, we do not have a direct link to their support page, but you can visit the University of Minnesota's website and search for their contact information.

Where can I go to learn more?

If you want to find more information on the University of Minnesota data breach, check out the following news articles below:

• Data Incident | University of Minnesota System

• Data Incident Frequently Asked Questions | University of Minnesota System