Columbia University confirms massive data breach affecting 870,000 students, applicants and employees. Politically motivated hacker stole Social Security numbers, academic records and financial data in sophisticated attack targeting admissions practices.
Cyber incidents in the Asia-Pacific have surged 29% in the past year, with Australia facing major breaches at the University of Western Australia and Qantas. Manufacturing is the top target, deepfakes are on the rise, and experts warn the region is in a digital arms race demanding urgent action.
Samsung Electronics claims first place in DARPA's AI Cyber Challenge, winning $4 million for developing AI technology that automatically detects and patches software vulnerabilities without human intervention. Competition showcased breakthrough in autonomous cybersecurity defense.
Columbia University confirms massive data breach affecting 870,000 students, applicants and employees. Politically motivated hacker stole Social Security numbers, academic records and financial data in sophisticated attack targeting admissions practices.
Cyber News Centre's cyber update for 14th August 2025: Columbia University has confirmed a massive data breach affecting nearly 870,000 students, applicants, and employees after a politically motivated hacker infiltrated the prestigious Ivy League institution's systems.
Columbia University is a private Ivy League research university established in 1767 as King's College, located in New York City. With a budget of $6.6 billion in 2024, the institution employs over 20,000 staff including 4,700 academic personnel and serves more than 35,000 enrolled students across 19 schools and special programs.
Update: Columbia University has disclosed a sophisticated cyberattack that compromised the personal information of 870,000 individuals, including current and former students, applicants, and employees. The breach was discovered on June 24, 2025, following a technical outage that disrupted significant portions of the university's IT systems, but investigators determined the initial unauthorized access occurred a month before on May 16, 2025.
The stolen data includes a comprehensive range of sensitive information: Social Security numbers, names, dates of birth, contact details, demographic information, academic history, financial aid information, insurance details, and health information provided during applications or collected throughout students' academic careers. The attack caused widespread disruption across campus, with students unable to access email accounts and assignment platforms, while digital signs were reportedly defaced with political imagery. University officials described the perpetrator as a "highly sophisticated" hacktivist with a clear political agenda, who spent over two months ensuring persistent access to Columbia's network systems.
The hacker allegedly stole 460 gigabytes of data total, including 1.8 million Social Security numbers. This same threat actor has reportedly targeted other prestigious institutions including New York University and the University of Minnesota, demonstrating a coordinated campaign against higher education. Columbia has implemented additional security safeguards and is working with external cybersecurity experts and law enforcement authorities to investigate the full scope of the incident.
Why it Matters: This breach represents a significant escalation in politically motivated cyberattacks targeting higher education institutions. Earlier this week, the University of Western Australia confirmed a password breach affecting thousands, adding to the mounting list of recent cyber incidents targeting universities worldwide. Together, these cases reveal critical weaknesses in how universities safeguard sensitive academic, financial, and personal data.
For Australian students and families considering or currently attending US universities, this breach highlights the international implications of educational data security and the potential for identity theft and financial fraud. The sophisticated nature of the attack and the perpetrator's ability to maintain persistent access for months demonstrates the increasing threats facing educational institutions globally. Universities worldwide must reassess their cybersecurity postures as they become increasingly attractive targets for hacktivists seeking to advance political agendas through data theft and public exposure of sensitive information.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Samsung Electronics claims first place in DARPA's AI Cyber Challenge, winning $4 million for developing AI technology that automatically detects and patches software vulnerabilities without human intervention. Competition showcased breakthrough in autonomous cybersecurity defense.
France's third-largest mobile operator Bouygues Telecom confirms cyberattack exposing personal data of 6.4 million customers including contact details, IBANs, and contractual information.
University of Western Australia confirms cyberattack exposing password information for thousands of students and staff. All users locked out of systems pending mandatory password resets as investigation continues into Saturday's security incident.
Google confirms ShinyHunters hackers breached its Salesforce database in June, stealing small business contact information through voice phishing attacks. The tech giant fell victim to the same campaign it had warned others about, highlighting sophisticated social engineering threats.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
