Updated: 1:30 p.m.
Personal information about students, potential students and employees at the University of Minnesota between 1989 and August of 2021 may have been stolen by hackers, the university acknowledged on Thursday.
U officials sent out a notice providing more information on a data breach initially reported last month. They said an investigation determined that someone likely gained unauthorized access to a university database in 2021.
Potentially breached information includes full names, addresses, birth dates and Social Security numbers, driver’s license or passport information, birth dates and other demographic information, the university said in a statement.
The U said it would post notices about the breach on its websites and email people potentially affected by the breach, if their email addresses are on file. It will send email notifications to approximately two million individuals.
Grow the Future of Public Media
MPR News is supported by Members. Gifts from individuals power everything you find here. Make a gift of any amount today to become a Member!
“The email will come from firstname.lastname@example.org and will provide more detail about the steps being taken in response to this incident,” the U said in its statement on Thursday.
In the statement, the university said it’s offering those potentially affected by the data breach 12 months of free credit and identity monitoring services.
The university said the data breach was not affecting its operations.
The U began investigating a potentially massive data breach in late July after the tech journal The Cyber Express reported claims that a hacker had potentially gained access to more than 7 million Social Security numbers.
The U is facing a federal lawsuit that seeks class action status over the breach, alleging the university failed to “establish appropriate security safeguards” for sensitive personal data in university records.