Lee University Data Breach Exposes Social Security Numbers

Lee University recently disclosed a data breach affecting the personal information of current and former students and employees. The incident was first discovered earlier in 2024 after the university detected unusual activity within its network systems, caused by a vulnerability in third-party software.

A forensic investigation revealed that unauthorized individuals accessed and downloaded sensitive data from the university's systems. The compromised data includes personally identifiable information (PII) such as individuals' names, Social Security numbers, driver's license numbers, government-issued ID numbers (for example, passports and state ID cards), financial account information (including account numbers and credit or debit card numbers), and protected health information (PHI), including medical information.

Lee University reported that at least 3,042 individuals in the state of Texas alone have been affected by this breach in an official disclosure to the Texas Attorney General's office on March 27, 2025. You can view the official disclosure on the Texas Attorney General's Data Security Breach Reports webpage.

Additional AG disclosures have been filed with the states of California, New Hampshire and Vermont.

Lee University has also posted a comprehensive notice about the breach on its own website, which can be accessed on the Lee University Data Security Notice page.

Lee University's response

In response to the breach, Lee University took steps to secure its systems, containing the incident and preventing further unauthorized access. The university also enlisted cybersecurity specialists to investigate the breach thoroughly and determine the extent of the data compromise.

Lee University is currently reviewing all potentially affected data to fully understand the impact of the breach. Once this review is complete, the university will directly notify all individuals whose personal information was involved, providing specific details about the incident and recommended protective measures.

In the meantime, Lee University is offering complimentary identity protection services through IDX to current and former students and employees who may have been impacted. These services include credit monitoring, identity restoration assistance, and identity protection insurance.

Those affected can enroll in these services or seek assistance by contacting Lee University's dedicated support team at (877) 719-6522, available Monday through Friday from 9:00 AM to 9:00 PM Eastern Time.

Additionally, Lee University recommends that affected individuals take proactive steps to protect their personal information, including:

• Contacting financial institutions immediately if suspicious activity is detected.
• Changing passwords on personal accounts.
• Requesting a free annual credit report from each of the three nationwide credit reporting agencies at AnnualCreditReport.com.
• Considering placing a fraud alert or a security freeze on credit reports.
• Obtaining an Identity Protection PIN (IPPIN) from the Internal Revenue Service to prevent fraudulent tax filings.

For detailed guidance on protecting against identity theft, Lee University advises visiting the Federal Trade Commission's identity theft webpage.

For more information about the breach, Lee University's response, and protective measures, please review the full consumer notification provided by Lee University, available in PDF format at the bottom of this page.