University of St. Thomas Data Breach: 1.8TB Stolen

The University of St. Thomas, Minnesota’s largest private nonprofit university, recently experienced a data breach involving ransomware.

The incident was first made public when the hacking group INC RANSOM claimed responsibility on Aug. 21, 2025, posting on their dark web portal that they had exfiltrated approximately 1.8 terabytes of sensitive data from the university’s systems.

According to information disclosed to the Texas Attorney General on March 9, 2026, the breach exposed a wide range of personally identifiable information (PII) and protected health information (PHI), including names, addresses, Social Security numbers, driver’s license numbers, government-issued ID numbers such as passport or state ID cards, financial account numbers, credit or debit card numbers, medical information, health insurance details, dates of birth and other sensitive records.

The breach is considered severe due to the breadth of information compromised and the fact that the data was taken in a ransomware attack, where cybercriminals not only encrypted university data but also stole it for potential extortion or sale.

University of St. Thomas’ response

Following the discovery of the ransomware attack, University of St. Thomas has notified affected individuals in accordance with legal requirements and is cooperating with law enforcement agencies. Given the nature of the data exposed, affected individuals should take immediate steps to protect themselves.

Recommended actions include monitoring bank and credit card statements for unauthorized activity, placing fraud alerts or security freezes on credit files, and being vigilant for phishing attempts or suspicious communications.

Individuals whose health or insurance information was exposed should also review medical statements for unfamiliar charges.

While the university’s public response details are limited, it is standard practice for organizations in such situations to offer credit monitoring or identity theft protection services to those affected. Individuals are encouraged to review any official notifications received from the university for specific guidance and support resources.