Brown University Data Breach

Will Gendron
Mar 15, 2024 12:12 PM
The Brown University data breach, discovered on January 16, 2024, potentially exposed sensitive personal information, including direct deposit banking details, of individuals within the university's network. The breach was a result of a successful phishing campaign. The university is taking measures to secure their systems, notify affected individuals, and offer complimentary identity monitoring services.

Understanding the Brown University Data Breach

In a concerning turn of events, Brown University, a prestigious institution in the realm of higher education, has fallen victim to a data breach. This incident, which came to light on January 16, 2024, is a stark reminder of the persistent threat of cyber attacks and the importance of digital vigilance.

What Happened?

Upon detecting suspicious activity within their Workday services, Brown University acted swiftly to investigate the breach. It was determined that the cybercriminals executed a successful phishing campaign, compromising user credentials and gaining unauthorized access through a fraudulent two-step authorization request.

Information Exposed

The breach potentially exposed sensitive personal information, including direct deposit banking details of individuals within the university's network. Understandably, this has raised concerns about financial security and the risk of identity theft for those affected.

Immediate Response

Brown University has taken the incident seriously, implementing immediate measures to secure their systems and notify the potentially impacted community members. They have also reported the incident to regulatory officials in Massachusetts, as mandated by law. To address any financial discrepancies caused by the breach, the university has reissued any redirected direct deposit funds to the rightful bank accounts.

Preventative Measures

In the wake of this breach, Brown University is reviewing and reinforcing its policies and procedures to bolster its defenses against future cyber threats. They have increased their efforts to educate the community about the risks associated with phishing and the importance of being cautious with unexpected authorization requests.

Support for Affected Individuals

To further assist those impacted, Brown University is offering complimentary identity monitoring services through a third-party provider. Details and instructions on how to activate these services will be communicated separately to the affected individuals.

Steps You Can Take

  • Consider enrolling in the free credit monitoring service provided by Brown University as a response to this incident.
  • Familiarize yourself with ways to spot and protect yourself from phishing, and understand the importance of two-step verification.
  • Regularly monitor your accounts and consider placing a fraud alert or credit freeze on your credit reports.

Additional Resources

For more information on identity theft, fraud alerts, and credit freezes, you can contact the major credit reporting bureaus: Equifax, Experian, and TransUnion. You may also reach out to the Federal Trade Commission at or by calling 1-877-ID-THEFT.

Contact Information

If you require further information or assistance, please do not hesitate to contact Brown University's IT Service Center at 401-863-4357 or via email at

For the full notice to consumers, please refer to the disclosure on the Massachusetts Attorney General's website.

By staying informed and taking proactive steps, you can help safeguard your personal information and mitigate the risk of potential consequences arising from this data breach.

Affected by the data breach?

Join others and take action at no cost.

Weekly newsletter

Stay up to date with new class action settlements you may join.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Consumer Notice

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF