Brigham Young University Data Breach Affects 25,136 Individuals: SSNs Exposed

Brigham Young University experienced a data breach affecting the personal information of 25,136 individuals in the United States. The educational organization detected unauthorized network access involving a vendor’s account, which occurred on or about June 17, 2025.

An unauthorized actor had access to the BYU files for several days until June 24, 2025. The breach exposed a wide range of personally identifiable information (PII), including name, Social Security number (if provided), account ID (but not password), contact information such as address and phone number, gender, marital status, religious affiliation (if provided), age and records of educational courses.

Brigham Young University began notifying affected current and former students on July 14, 2025. The data breach was also disclosed to the Maine, Massachusetts, Texas, and California Attorneys Generals' offices on July 18, 2025. Affected individuals include 62 Massachusetts residents and 26 Maine residents.

Brigham Young University's response

In addition to required state and federal disclosures, BYU-Pathway Worldwide is offering free credit monitoring services to impacted individuals.

If you receive notification from Brigham Young University about this breach, you may want to:

• Contact the toll-free number in your notice to sign up free credit monitoring services, offered by BYU-Pathway Worldwide.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

For more details about the university, visit the BYU-Pathway Worldwide website.