Taylor University (TU) is a Christian liberal arts college in the Midwest; they offer four-year degrees and accredited programs for a 2,000-person servant-leader student population. In May, they were also the target of a ransomware cyberattack.
According to the published consumer notice on the Maine Attorney General’s website, the attack was a “sophisticated cybersecurity incident”. The filing offers more information about the event, indicating it was a ransomware attack. How TU responded to the ransomware threat is unclear, presumably pointing to them rejecting any ransom demands.
The consumer notice states the bad actors gained access to TU’s systems between February 26th and May 18th, 2023. On May 18th, TU presumably noticed and reacted to the ransomware, including launching investigations. Their investigations concluded around November 16th, and officials sent impact notices around December 4th.
TU’s breach will likely impact students and associates of the university. However, other university breaches have impacted everyone, from students to staff, faculty, alums, and vendors. The public notices do not indicate a group specifically impacted. Consequently, the lack of information does little to encourage their associates.
The Maine Attorney General’s filing also lacks a total impact figure; the total stolen files could be in the thousands, but until TU announces this, the number remains undetermined. All we know for sure is that those associated with TU will have to think about financial fraud, credit and identity protection services.