Northcentral University Announces Data Breach Affecting Sensitive Student Information

Richard Console, Jr.
Console and Associates, P.C.
Contact
LinkedIn
Facebook
X
Send
Embed

Recently, Northcentral University (“NCU”) confirmed that the company experienced a data breach after an unauthorized party gained access to sensitive student data contained on the school’s network. According to the Northcentral University, the breach resulted in the names, addresses, Social Security numbers, and student identification numbers of affected students being compromised. On July 15, 2022, Northcentral University filed an official notice of the breach and sent out data breach letters to all affected parties.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Northcentral University data breach, please see our recent piece on the topic here.

What We Know About the Northcentral University Data Breach

According to an official notice provided by the school, on May 26, 2022, NCU detected suspicious activity on its computer network. In response, the school secured its network and enlisted the assistance of a digital forensics firm to investigate the incident. As a result of this investigation, Northcentral University was able to confirm that certain students’ financial aid award information was accessible to an unauthorized party.

Whether the person or group orchestrating the attack specifically intended to target this information remains to be seen. However, as a result of the NCU data breach, the names, addresses, Social Security numbers, and student ID numbers of certain students were leaked.

On July 15, 2022, Northcentral University sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About Northcentral University

Northcentral University is a private online university based in San Diego, California. Founded in 1996, NCU offers bachelor's, master's, specialist, and doctoral degrees in a variety of subjects, including business, health sciences, law, education, social work, psychology and technology. Currently, the NCU student body consists of about 10,000 students. In 2019, Northcentral University joined the National University System, which is an education system including three universities, National University, Northcentral University, and City University of Seattle, as well as three nonprofit programs that address critical needs in the Pre-K-12 education and nonprofit sectors: Harmony SEL, Inspire Teaching & Learning, and Fundraising Academy Cause Selling Education. Northcentral University employs more than 2,559 people and generates approximately $286 million in annual revenue.

Can Schools Be Held Liable for a Data Breach Affecting Students Sensitive Information?

Yes, schools, like businesses, non-profits, and government entities, can be held liable for a data breach. However, a school or university is not automatically liable for a data breach; the breach must be a result of the school’s negligence in maintaining student data. Additionally, affected students must establish that the school’s negligence was the cause of or a contributing factor leading to the breach.

Clearly, no school wants to experience a data breach, and, of course, no school is solely responsible for a breach. In most cases, university data breaches are the result of cybercriminals specifically targeting the school. These hackers employ sophisticated scams and cyberattacks to orchestrate the breach. However, schools that are up-to-date on all data privacy issues and maintain robust data security systems can stop most breaches and quickly detect those that they were unable to stop.

There are a few ways a school’s negligence can cause or contribute to a data breach. For example, if university employees are careless in storing student data, such as by failing to encrypt files containing sensitive student information, it may result in a school being liable for the breach. Similarly, if a university employee responds to an email phishing attack, either with their login credentials, student data, or information that gives hackers the ability to breach the school’s system, the school may also be liable.

Of course, these are just a few of the ways that a school or university may have been negligent leading up to a data breach. Of course, it can be very difficult, if not impossible, for affected students to know what led to a data breach, which can make determining whether a student has a claim very difficult. Data breach lawyers can assist students, faculty or others who believe their information may have been leaked as a result of a university data breach.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Console and Associates, P.C.

Written by:

Console and Associates, P.C.
Console and Associates, P.C.
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide