U of M data breached

A hacker claims to have stolen up to 7 million records of past and current students and teachers, including Social Security Numbers.


government and 3rd party agencies involved

The University of Minnesota has contacted a 3rd party forensics organization to assist in the investigation.  State and Federal agencies have also been called to alert them of the breach.


Still unraveling 

The breach was discovered in late July, 2023, and announced today.  Investigations are on-going and updates will be available on this site when they are released.

Stay tuned for more information!

News > Cyber-Attacks > CA-General
by KEvin Wood

U of M officials seek state and federal assistance after data breach


Data breach affects up to 7 million alumni

On Tuesday, August 23rd, the University of Minnesota sent out a notice to current staff, students and former alumni advising them of a data breach.  The University was alerted of the breach after posts began circulating on the dark web about a hacker having upwards of 7 million social security numbers.

A dump from the dark web last month included details about the breach at the University of Minnesota.  Information gathered dated as far back as 1989, including names, addresses, education history, social security information and possibly more.

The University found out about the breach on July 21st, 2023, and immediately took action, reaching out to state and federal agencies, as well as a 3rd party forensics organizations to assist in the investigation.  As of the notice, the University did not mention specific details about how the system was breached and exactly what data was stolen.

Jake Ricker, University of Minnesota spokesperson, said that “the preliminary assessment is that the data at issue is from 2021 and earlier.”  He also said scans of their systems “did not reveal ongoing suspicious activity related to the incident.”  

While the investigation is on-going, the University will notify affected individuals and provide resources to them to help monitor and protect their information and any possible misuse.  

Ricker also mentioned that systems had been updated in 2021 to bolster security with additional monitoring and multi-factor authentication.  Even with these in place, they were unable to detect the exfiltration of data.

One of the features Balance Business Group’s DRaaS (Disaster Recovery as a Service) platform is file-level monitoring to assist in detecting ransomware or unusual, or suspicious, activity.  By detecting something like the exfiltration of a large amount of data at one time, our platform can help detect unusual activity.  Define appropriate actions and people to contact, and you’ll be able to stay on top of any situations that may come up.

Contact our Sales Team by clicking the button below to schedule a meeting to discuss how our Disaster Recovery as a Service Platform could help your organization protect your data and ensure you’re able to stay running at all times, even in the event of a disaster.

Jake Ricker, University of Minnesota spokesperson, said that “the preliminary assessment is that the data at issue is from 2021 and earlier.”


  • First detected in late July
  • Data exfiltrated affects up to 7 million current and past students and teachers.
  • Investigations are on-going…
  • We will update this story as new information becomes available
  • Stay tuned!  While you wait, click the “Home” button at the top and take a look at the services we offer.  Reach out to us to get a discussion started today!