Baruch College Data Breach Exposes Social Security Numbers

On December 14, 2024, Baruch College, part of the City University of New York (CUNY) system, experienced a cybersecurity incident that resulted in unauthorized access to documents within its IT systems. The breach affected current and former students, faculty, and staff whose information was processed by the college.

While Baruch College has not confirmed the exact number of individuals impacted, the scope includes anyone whose data was handled by the institution, given the inability to rule out exposure for any particular group.

The types of information potentially exposed are extensive. Personally identifiable information (PII) such as names, Social Security numbers, driver’s license numbers, government-issued identification numbers, credit or debit card numbers, and financial account numbers may have been compromised.

In addition, protected health information (PHI) could have been accessed, including medical or health information and details provided as part of disability services or counseling center services.

Baruch College discovered the breach when it detected unauthorized access to its systems. Immediately after detecting the incident, the college launched an investigation to determine the nature and scope of the breach. The incident was reported to law enforcement, and Baruch began reviewing and strengthening its data privacy and security policies.

At this time, the identity of the party responsible for the breach has not been disclosed, and the method by which the data was accessed has not been detailed. However, the breadth of sensitive information potentially exposed makes this a serious incident, especially given the inclusion of both PII and PHI.

For more details and ongoing updates, you can visit the official Baruch College security incident notice.

Baruch College's response

Recognizing the potential impact on affected individuals, Baruch is offering complimentary credit monitoring services for two years to all potentially impacted students, faculty, and staff. To enroll in these services, individuals should refer to the March 7, 2025, email from Baruch College for enrollment codes and visit the Baruch College IDX response portal.

Baruch College encourages everyone who may have been affected to remain vigilant against identity theft and fraud. It is important to regularly review account statements and monitor credit reports for suspicious activity. The college has provided guidance on how to obtain free credit reports, place fraud alerts, and request security freezes from the major credit bureaus.

Additional resources are available from the Federal Trade Commission, including advice on protecting yourself from identity theft, which can be accessed through the FTC’s identity theft resources.

If you have questions or need assistance, Baruch College has set up a dedicated toll-free line at 1-877-721-7266 and can be reached by email at SecurityInquiries@baruch.cuny.edu.