Saint Louis University reports data breach, exposing 93k people

Saint Louis University (SLU), is reporting a data breach that is affecting at least 93,000 individuals. The breach was caused by unauthorized access to certain SLU email accounts.

The breach was first suspected on March 2, 2023, when SLU noticed unusual activity in some email accounts. Measures were taken to secure the affected accounts, and an investigation was launched with the assistance of third-party cybersecurity experts. The investigation revealed that between December 2022 and July 2023, unauthorized access had been gained not only to specific email accounts but also to documents stored on SLU's SharePoint and OneDrive platforms.

The exposed data includes:

• names,
• Social Security numbers,
• driver's license numbers,
• financial account information,
• passport numbers,
• online credentials,
• dates of birth,
• health insurance information,
• medical information,
• student record information.

On March 15, 2024, the university began dispatching data breach notification letters to all individuals whose information was compromised, aiming to inform them of the breach and the specific data pertaining to them that was exposed.