On or around June 24, 2025, Columbia University (“Columbia”) became aware of suspicious activity on its computer systems, indicating a data breach. Based on a subsequent forensic investigation, Columbia determined that cybercriminals infiltrated its inadequately secured computer network on or around May 16, 2025. The investigation further determined that, through this infiltration, cybercriminals accessed and copied files containing the sensitive personal information of approximately 868,969 individuals.
The information exposed in the data breach includes, but is not limited to:
- Names
- Social Security numbers
- Financial information
- Health insurance information
- Dates of birth
- Demographic information
As a result of the Columbia University data breach, these individuals’ personal and highly confidential information may be in the hands of cybercriminals who can place the information for sale on the dark web or use the information to perpetrate identity fraud.
Murphy Law Firm is investigating claims on behalf of all individuals whose personal and confidential information was potentially compromised in the data breach. We are evaluating legal options, including a potential class action lawsuit, to recover damages for individuals who were affected by the Columbia data breach.