Monroe University Data Breach Investigation
Learn More
Monroe University in New York reports a data breach thatr exposed the personal information of 320,973 individuals.
Attackers breached into the university's computer systems between December 9 and December 23, 2024. The school only started notifying victims about the incident on January 2, 2026, more than a year after the breach occurred.
An unauthorized actor gained access to the university's network and stole sensitive files during the two-week intrusion. The compromised data includes:
- Full names and dates of birth
- Social Security numbers (SSNs)
- Driver's license and passport numbers
- Government identification numbers
- Medical and health insurance information
- Email usernames and passwords
- Financial account details and student records
The nature of the attack is not disclosed. The university completed its internal review of the stolen data on September 30, 2025, but waited several more months to begin mailing notification letters. Monroe University is offering one year of free credit monitoring to those impacted by the breach.
Law firms are now investigating whether the institution failed to implement adequate cybersecurity measures to protect student and staff data.
Security experts recommend that victims change their passwords for any accounts using the same credentials and monitor their financial statements for signs of identity theft.
