Monroe University
December 9, 2024
•[ data breach, network access, personally identifiable information (PII) ]
BleepingComputer reported that Monroe University disclosed that threat actors accessed its network for roughly two weeks (December 9 to December 23, 2024) and stole documents later determined to contain personal, financial, and health information. The university stated it determined on September 30, 2025 that certain individuals data was contained in the stolen files, and filings indicated 320,973 individuals were affected. Exposed data elements were described as varying by person and potentially including name, date of birth, Social Security number, drivers license or passport numbers, government ID numbers, medical and health insurance information, email or electronic account usernames and passwords, financial account information, and student-related data. Notifications were mailed beginning January 2, 2026.
