Overview
- University officials say attackers exfiltrated files and heavily encrypted research systems on August 31, 2025, delaying restoration and assessment.
- Exposed data includes names, Social Security and driver’s license numbers, voter registration details, and limited research-related health information from legacy studies.
- Those affected include 87,493 Multiethnic Cohort participants plus about 1.15 million individuals in historical DMV and voter datasets.
- The university engaged the ransomware group, paid to obtain a decryption tool, and reported purported destruction of stolen data, without disclosing the amount.
- Notifications are underway, including letters to study participants and about 900,000 emails, with 12 months of credit monitoring offered as the investigation continues with law enforcement and cybersecurity experts.