NJ college students’ personal data for sale on dark web
💻 New Jersey City University reported a data breach occurred in June 2024
💻 Personal and financial data of students and staff were stolen
💻 That data has been posted to the dark web for sale
Highly sensitive personal and financial data of students and staff at New Jersey City University has been posted to the dark web.
That data is now being offered to the highest bidder and could be used by bad actors to engage in identity theft and more.
The Jersey Journal was the first to publish screenshots of the data on the dark web, including student and staff names, Social Security numbers and even photos of individual driver's licenses.
Hackers gained access to the computer system at NJCU in early June, but the school did not start notifying students and staff of the breach until a month later.
The organization behind the cyber breach had been demanding $700,000 in Bitcoin. If they didn't get it, they threatened to publish the personal date they stole.
It appears that random was not paid, and the hackers made good on their threat.
New Jersey City University less than forthcoming
NJCU has nearly 6,000 students enrolled in graduate and undergraduate programs as well as hundreds of staff members. How many had their data stolen is not clear.
School officials have been less than forthcoming about the data breach and slow to respond to the threat.
They have refused to explain why they waited so long to announce the hacker attack, only saying they could not do so while their investigation into what happened was ongoing.
NJCU has also promised to set up a hotline where students and staff could get more information and access credit monitoring, but they have yet to reveal the number to call.
They insist they have contracted with one of the major credit reporting agencies to help those effected but have refused to release details.
How do I know if my data has been compromised?
✔ Aside from being notified by New Jersey City University, the U.S. Federal Trade Commission advises you do the following:
✔ Track what bills you owe and when they’re due. If you stop getting a bill, that could be a sign that someone changed your billing address.
✔ Review your bills. Charges for things you didn’t buy could be a sign of identity theft. So could a new bill you didn’t expect.
✔ Check your bank account statement. Withdrawals you didn’t make could be a sign of identity theft.
✔ Get and review your credit reports. Accounts in your name that you don’t recognize could be a sign of identity theft.
Here’s how you can get your free credit reports.
What steps can I take if my data has been compromised?
✔ If the organizations responsible for exposing your information offers you free credit monitoring, take advantage of it.
✔ Get your free credit reports from annualcreditreport.com. Check for any accounts or charges you don’t recognize.
✔ Consider placing a free credit freeze. A credit freeze makes it harder for someone to open a new account in your name.
✔ If you place a freeze, be ready to take a few extra steps the next time you apply for a new credit card or cell phone – or any service that requires a credit check.
If you decide not to place a credit freeze, at least consider placing a fraud alert.
✔ Try to file your taxes early — before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.
✔ Don’t believe anyone who calls and says you’ll be arrested unless you pay for taxes or debt — even if they have part or all of your Social Security number, or they say they’re from the IRS.
✔ Continue to check your credit reports at annualcreditreport.com. You can check your reports every week for free.
✔ You might consider setting up an E-Verify account so you can lock your Social Security number at e-verify.gov/mye-verify.
E-Verify is an online system that lets employers verify you're eligible to work in the United States, while also letting you lock your Social Security number so others can't use it to get a job. It's run by the U.S. Department of Homeland Security and the Social Security Administration. When someone tries to use a locked Social Security number to get a job, employers that use E-Verify must get more information from the person trying to use your Social Security number.
FBI's Top 5 Most Wanted violent fugitives in NJ
Gallery Credit: Eric Scott
Latest additions to NJ DOT's 2024 collection of humorous safety messages
Gallery Credit: Dan Alexander
Report a correction 👈 | 👉 Contact our newsroom