Schools

Data Breach At Princeton University May Have Exposed Student, Staff Information

Princeton University alumni, alumni spouses/partners, donors, faculty, staff, students, and parents should look out for suspicious messages.

Alexis Tarrazi's profile picture
Alexis Tarrazi, Patch StaffVerified Patch Staff Badge

PRINCETON, NJ — A data breach at Princeton University has compromised the information of alumni, donors, faculty, staff, students, parents, and other members of the University community.

The breach happened on Nov. 10 and lasted for less than 24 hours, according to the University in an update on Tuesday.

"We do not at this point know precisely what information was viewed or extracted. The database in general contains biographical information pertaining to University's fundraising and alumni engagement activities. We believe it does not contain passwords, Social Security numbers, credit card information, or bank account records," said the University.

Find out what's happening in Princetonfor free with the latest updates from Patch.

The University tried to send an email on Nov. 15 to notify those whose information is potentially affected. The emails were sent to everyone for whom the University had a valid email address in the database.

However, there were some people the University did not have an email address. In addition, some emails may be rejected by recipients' email services or directed to spam folders.

Find out what's happening in Princetonfor free with the latest updates from Patch.

As a result, the University is asking people in the following groups to assume some level of information about them is likely to be in the database:

  • All University alumni (including anyone ever enrolled as a student at Princeton even if they did not graduate)
  • Alumni spouses and partners
  • Widows and widowers of alumni
  • Any donor to the University
  • Parents of students (current and past)
  • Current students
  • Faculty and staff (current and past)

"Be alert for unusual messages that claim to come from Princeton University. No one from the University should ever call, text, or email you asking for sensitive information such as Social Security numbers, passwords, or bank information," said the University.

On Monday, faculty and staff received additional guidance on how to avoid “phishing” attacks and protect University systems.

Suspicious messages can be reported by emailing phishbowl@princeton.edu.

Have a news tip? Email alexis.tarrazi@patch.com.

Get more local news delivered straight to your inbox. Sign up for free Patch newsletters and alerts.

More from Princeton