From a top university to a city’s critical services and a major telecom firm, this week's cyber news shows that no one is safe - except they put safety measures in place. We’re breaking down three major breaches that show how much cyber attacks are evolving.

Columbia University Breach: Nearly 870,000 Affected

In mid-May 2025, an attacker gained unauthorized access to Columbia University’s systems, quietly siphoning data until a system outage in late June exposed the breach. 

The university confirmed the breach and is notifying approximately 868,969 affected individuals and offering two years of free credit monitoring and identity theft support.

The information compromised in the breach included full name, date of birth, Social Security number, contact details, academic and financial-aid records, plus insurance and other health-related information. However, patient records from the Columbia University Irving Medical Center were not affected.

What's the Implication of this?

This means these affected individuals are at risk of identity theft, targeted phishing, financial or benefits fraud, and long-term privacy damage.

What You Can Do

• Regularly check your credit reports for any unauthorized activity.

• Be cautious with emails or calls asking for personal details – always verify who you’re dealing with.

• Avoid sharing sensitive information unless absolutely necessary and through trusted channels.

While data theft is a common result of cyberattacks, another type of threat can bring an entire city to a halt. 

St. Paul City Ransomware: Ongoing Impact on Services

On July 25, 2025, St. Paul’s IT systems were hit by ransomware. The city quickly shut down networks and brought in the National Guard and FBI for support.

Weeks later recovery is still ongoing with public-facing services and Wi-Fi remaining largely offline. All 3,500 city employees have been told to reset their passwords, and a 90-day emergency declaration has been extended to keep restoration efforts moving.

City officials believe residents’ personal information is unlikely to be affected, as the city doesn’t store large amounts of it, and emergency services like 911 were not disrupted.

What's the Implication of this?

Even without large-scale data theft, the shutdown has disrupted daily life: residents can’t pay bills online, library internet is down, and scammers are taking advantage by sending out fake invoices. These delays and misinformation can reduce public trust and create opportunities for fraud.

What You Can Do

• Confirm the legitimacy of all payment requests directly with official city sources before making any payments.

• Be alert for scams or fake invoices exploiting service outages or urgent demands.

• Prepare alternative ways to access city services, like phone hotlines or official social media, if usual online systems are down.

Meanwhile, a different kind of attack in Europe exposed millions of customers to future risk.

Bouygues Telecom Cyberattack Exposes Millions of Customers' Data

In early August, French telecommunications provider Bouygues Telecom experienced a cyberattack that led to the breach of personal information for millions of its customers. The company, which serves nearly 27 million mobile users, identified the incident on August 4 and launched an investigation.

The breach affected 6.4 million customers, whose contact information, contract details, and bank account numbers (IBANs) were accessed by hackers. 

Bouygues Telecom has since reported the event to French authorities and is in the process of notifying all affected individuals via email or text message. The company has clarified that while this sensitive data was exposed, no passwords or payment card information were compromised.

What's the Implication of this?

Even though the most critical financial data was not stolen, the exposure of personal information puts millions of customers at risk. The compromised contact details and bank account numbers create an opportunity for phishing scams, fraud, and other malicious activities targeting both individuals and businesses.

What You Can Do

• Monitor your bank and credit card statements closely for suspicious transactions.

• Update passwords on accounts related to your exposed information.

• Scrutinize any unexpected calls, texts, or emails requesting personal or financial information – confirm their authenticity before responding.

These recent cyber attacks show that threats can come in many ways – through stolen information, ransomware, or problems with partners. The best way to stay safe is to keep learning and be careful. Cybersecurity is not just about technology but also about being alert and making smart choices.

At Cyberkach, we want to help you stay safe with easy-to-follow advice and support.

Ready to learn more? Visit Cyberkach Blog for simple tips and useful information to protect yourself and your business from cyber risks.