Columbia University (Columbia University) reportedly experienced a large-scale cyberattack on June 24, causing multiple information systems on campus to go down, including the teaching platform, administrative portal, and official website. Tens of thousands of students and faculty members were affected, and the New York City police have initiated an investigation. As of the deadline on Wednesday, the university had not yet announced the completion of system restoration.
According to the emergency notification issued by the university, starting early on Tuesday morning, the login systems, course management platform, email, and other online services at the main campus of the university were all unavailable. Following the incident, Columbia University immediately activated its emergency response mechanism and notified the police and relevant cybersecurity experts to conduct an investigation.
Although the university has not officially confirmed the nature of the attack, preliminary signs indicate that the incident may involve an access control attack, with hackers disrupting user permissions or system controls through illicit means. Some reports indicated that the electronic billboards on campus even displayed unrelated images (such as pictures of Donald Trump) at one point, drawing attention from students and faculty.
In a statement, Columbia University mentioned that currently, there is no evidence indicating that any personal data has been stolen or infected with ransomware. The Columbia University Irving Medical Center (CUIMC) and clinical systems were not affected, and patient care continued as usual.
Nevertheless, this incident has raised doubts about the cybersecurity capabilities of higher education institutions. According to cybersecurity experts, many universities still rely on outdated systems and vulnerable authentication mechanisms, making them potential targets for hackers. The event at Columbia University, along with the data breach incident at New York University earlier in the year, highlights the information security risks faced by universities.
The university stated that they are gradually restoring services and providing ongoing updates to the campus community. Students and faculty are advised to temporarily use alternative methods to contact the university and to increase vigilance against phishing and abnormal account activities on the network.