Baker College has disclosed a knowledge breach after attackers gained entry to its community one 12 months in the past and stole the non-public, well being, and monetary info of over 53,000 people.
Based in 1858, Baker College is a personal college in Baldwin Metropolis, Kansas, with almost 2,000 enrolled college students (1,457 undergraduates) and over 300 workers.
The varsity detected suspicious exercise on its community after a December 2024 outage and located that attackers had entry to its methods from December 2 to 19, stealing delicate paperwork.
“By this overview, Baker College decided that info which can have been concerned included knowledge associated to these affiliated with Baker College,” it stated in a breach notification letter shared on the varsity’s web site.
“Though the knowledge diversified by particular person, the knowledge contains identify, date of beginning, Driver’s license quantity, monetary account info, medical insurance info, medical info, passport info, Social Safety quantity, pupil identification quantity, and tax identification quantity.”
In a submitting with the Workplace of the Maine Legal professional Basic, Baker College revealed that the ensuing knowledge breach impacts 53,624 people.
Whereas the varsity stated it discovered no proof that the knowledge was used for fraudulent actions, it’s now providing free credit score monitoring companies to these affected and encourages probably affected people to repeatedly test their account statements and credit score stories for suspicious exercise.
“The confidentiality, privateness, and safety of our Baker neighborhood’s private info is one in every of our college’s highest priorities,” stated Baker College president Jody Fournier. “Our workforce has been working alongside an exterior workforce of specialists at a cyber safety agency for the reason that incident and has rebuilt one in every of our main platforms that was compromised in the course of the cyber incident.”
The college has but to share the character of the assault and attribute the incident to a particular cybercrime operation or state-backed menace group.
A number of different U.S. universities have additionally been breached in voice phishing assaults since late October, with Harvard College, Princeton College, and the College of Pennsylvania disclosing that their improvement and alumni actions methods had been hacked to steal the non-public info of scholars, alumni, donors, and employees.
The Clop ransomware gang additionally breached Harvard College and the College of Pennsylvania in a knowledge theft marketing campaign that exploited a zero-day vulnerability of their Oracle E-Enterprise Suite (EBS) monetary platforms to steal delicate private and monetary knowledge belonging to college students, employees, and suppliers.
Damaged IAM is not simply an IT downside – the affect ripples throughout your complete enterprise.
This sensible information covers why conventional IAM practices fail to maintain up with trendy calls for, examples of what “good” IAM appears to be like like, and a easy guidelines for constructing a scalable technique.
