Carnegie Mellon University suffers a cyberattack


Carnegie Mellon University has been targeted by hackers who attempted to exfiltrate personal information from over 7300 individuals.

Carnegie Mellon (CMU), one of the world's top universities for computer science and information systems, suffered a cyberattack where adversaries accessed and copied files containing sensitive data.

The Information Security Office at CMU detected suspicious activity on its computer system in August 2023.

ADVERTISEMENT

The university launched an investigation and recovery operation, revealing that an unauthorized external actor accessed the CMU computer system.

After months of investigation, assistance from law enforcement, and a comprehensive review of the event, CMU deduced that the threat actor “may” have copied files that contained personal information.

The investigation concluded in December 2023, and a notice to those affected was issued on January 12th, 2024.

CMU states there is no indication that the personal information obtained by the threat actor was misused.

However, adversaries gained access to information that contained names, Social Security numbers, and dates of birth.

The university engaged in an investigation and recovery effort, subsequently disabling access to the copied files with the help of law enforcement.

ADVERTISEMENT