Monroe College revealed that menace actors stole the private, monetary, and well being info of over 320,000 folks after breaching its methods in a December 2024 cyberattack.
Based in 1933 as a Bronx secretarial faculty, Monroe College is now a personal establishment with over 9,000 college students every year throughout campuses in New York (Bronx and New Rochelle), and within the Caribbean nation of Saint Lucia.
As the varsity defined in data breach notifications filed with the Workplace of the Maine Lawyer Basic this week, the attackers had entry to its community for two weeks, from December 9 to December 23.
In September 2025, the college confirmed that the ensuing data breach affected 320,973 people following a overview of the stolen paperwork.
“We reviewed these recordsdata and, on September 30, 2025, decided that they contained some private info for sure people,” the varsity disclosed in an official assertion.
“The kind of info concerned different by individual however might have included a number of of the next: title, date of delivery, Social Safety quantity, driver’s license quantity, passport quantity, authorities identification quantity, medical info, medical health insurance info, digital account or e-mail username and password, monetary account info, and/or scholar knowledge.”
The varsity started mailing breach notifications on January 2 to these whose knowledge was stolen, warning them to observe their credit score studies and account statements for any indicators of fraud or identification theft. Affected people are additionally supplied one yr of free credit score monitoring providers by means of Cyberscout, which can alert them to adjustments to their credit score recordsdata.
A Monroe College spokesperson was not instantly out there for remark when contacted by BleepingComputer for extra particulars concerning the incident.
The varsity was additionally the sufferer of a ransomware assault when it was nonetheless often called Monroe School, with the attackers demanding 170 bitcoins (roughly $2 million on the time) for a decryptor.
Attacks focusing on U.S. universities
A number of different universities throughout the USA have additionally been breached in latest months, with the College of Hawaii reporting final month that its Most cancers Middle was breached in an August 2025 ransomware assault.
In December, Baker College additionally disclosed a data breach after attackers who had hacked its community in 2024 stole private, well being, and monetary info of over 53,000 folks.
A number of different U.S. universities have additionally been breached in voice phishing assaults beginning in October, with Harvard College, Princeton College, and the College of Pennsylvania disclosing that the info of donors, workers, college students, and alumni was stolen from compromised growth and alumni actions methods.
The Clop ransomware gang additionally hacked the Oracle E-Enterprise Suite (EBS) platforms of Harvard College and the College of Pennsylvania to steal private and monetary knowledge from college students, workers, and suppliers.
Whether or not you are cleansing up outdated keys or setting guardrails for AI-generated code, this information helps your staff construct securely from the beginning.
Get the cheat sheet and take the guesswork out of secrets and techniques administration.
