Cyber Incident
On June 24, 2025, Columbia University notified the community that a technical outage that disrupted certain University IT systems. Our team worked quickly to restore our operations, immediately launched an investigation with the assistance of leading cybersecurity experts, and notified law enforcement.
While the investigation is ongoing, we have, after substantial analysis, determined that the outage was caused by an unauthorized party with the apparent intent to disrupt our systems. We also have indications that the unauthorized party stole data from our network. We are diligently investigating the scope of the apparent theft. We have not observed unauthorized access to our network since June 24 and will continue to monitor closely for further unlawful activity in our systems. We have implemented a number of safeguards across the University’s systems to enhance our security. Additionally, we reaffirm that CUIMC operations were not affected. While our investigation is ongoing, we currently have no evidence suggesting that health records maintained by the medical center system were compromised by this incident.
We know that this news may raise questions and concerns across our community about the scope of the affected personal information. Our team is working towards answers. This process will take time, and we ask for your patience. If we determine that personal information was compromised, we will of course communicate directly with those affected individuals.
Moving forward, we will be examining what additional steps we can take and additional safeguards we can implement to prevent something like this from happening again.
We have established an information hotline, (866) 819-7006, that members of the University community can call with questions. This information hotline will be staffed 9:00 am to 6:30 pm Eastern Time, Monday through Friday, excluding major U.S. holidays.
Thank you for your understanding during this challenging situation.
Frequently Asked Questions
On June 24, we reported a technical outage that disrupted certain parts of our IT systems. We immediately took steps to investigate and remedy the incident, and our IT team has been working tirelessly to secure our systems and restore our operations. We have since restored our systems.
We promptly began an investigation with the assistance of leading outside cybersecurity experts and notified law enforcement. Our initial investigation determined that an unauthorized party gained access to our network and disrupted our operations. While the investigation is ongoing, we have not observed unauthorized access to our network since June 24, 2025. We are monitoring for further unlawful activity in our systems. At this stage, we believe that the unauthorized party also stole data from our network.
We have initial indications that the unauthorized actor unlawfully stole data from our network. We regret that this incident has occurred. Our investigation is ongoing. If we determine that the personal information of individuals was compromised, we will communicate with those affected individuals.
Additionally, we reaffirm that CUIMC operations were not affected. While our investigation is ongoing, we currently have no evidence suggesting that health records maintained by the medical center system were compromised by this incident.
We are diligently investigating the scope of the apparent theft. We cannot provide an immediate timetable but if we determine that the personal information of individuals was compromised, we will communicate with those affected individuals.
While the investigation is ongoing, we have not observed unauthorized access to our network since June 24, 2025. It is safe to login to your account and computer as you normally would. While we have no reason to think that your password is compromised at this time, it is prudent to frequently change your account passwords, especially if you reuse passwords across multiple sites. We recommend you continue monitoring your accounts for any suspicious activity as you normally would.
We are in the early phase of our investigation. If we determine that the personal information of individuals was compromised, we will communicate with those affected individuals.
We have established an information hotline, (866) 819-7006, that members of the University community can call with questions. This information hotline will be staffed 9:00 a.m. to 6:30 p.m. Eastern Time, Monday through Friday, excluding major U.S. holidays.