Cybersecurity Incident
Notice of Cybersecurity Incident
Coalition for the Common Good, dba Antioch University (“Antioch”), is providing notice of a recent data security incident that may have resulted in unauthorized access to the personal information of a limited number of Antioch students and employees. While we are unaware of any fraudulent misuse of any personal information at this time, we are providing details about the incident, steps we are taking in response, and resources available to help you protect against the risk of identity theft.
What Happened?
On August 11, 2023, Antioch detected unusual activity on our network. Upon discovery of this incident, Antioch immediately disconnected all access to the network and promptly engaged legal counsel and specialized cybersecurity professionals to conduct a forensic investigation and assist with securing our environment. The forensic investigation determined that Antioch was the target of a ransomware attack and found evidence that the unauthorized actor accessed a limited number of Antioch systems. Based on these findings, Antioch reviewed the affected systems to determine the types of information involved and identify any individuals whose information may have been affected.
What Information Was Involved?
Although Antioch has no evidence that any personal information has been misused by third parties as a result of this incident, we are providing notice out of an abundance of caution and for purposes of full transparency.
While the information involved varies for each individual, Antioch’s investigation has determined that the unauthorized actor may have accessed the following categories of information: name, date of birth, Social Security number, passport number, driver’s license number, government identification number, student identification number, financial account number, and health information. Again, the information involved varies for each individual, and not every category applies in each individual case.
Antioch has mailed personalized notification letters to the affected individuals that detail the specific categories of information that apply in each individual’s case. If you do not receive a notification letter, then your information may not have been affected. If you have any questions about whether your information was affected, please call the toll-free number provided below.
What We Are Doing
Data privacy and security are among Antioch’s highest priorities. Since the discovery of the incident, Antioch moved quickly to investigate and secure our systems. As a credit to our existing safeguards, we were able to securely restore our network from backups. Following the incident, we changed administrative credentials, installed a new firewall, upgraded our intrusion detection software, and engaged a cybersecurity firm to monitor our network activity. We will continue to take steps to enhance the security of our network.
As part of our commitment to data security, we are also providing all potentially-affected individuals with access to credit monitoring services at no charge. These services provide you with alerts when changes occur to your credit file. This notification is sent to you the same day that the change or update takes place with the bureau. Finally, we are providing proactive fraud assistance to help with any questions that individuals might have or in the event they experience any fraud or identity theft. These services will be provided by Cyberscout, a TransUnion company specializing in fraud assistance and remediation services.
What You Can Do
We encourage you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your credit reports for suspicious or unauthorized activity. Additionally, security experts suggest that you contact your financial institution and all major credit bureaus to inform them of such a breach and then take whatever steps are recommended to protect your interests, including the possible placement of a fraud alert on your credit file. Please review the enclosed Steps You Can Take to Help Protect Your Information to learn more about how to protect against the possibility of information misuse.
Potentially affected individuals can also enroll in the credit monitoring and fraud assistance services that we offer at no cost. Again, Antioch has mailed personalized notification letters to the affected individuals that will provide instructions on how to enroll in those services.
We would like to reiterate that, at this time, we do not have any evidence that any personal information was misused in connection with this incident. However, we encourage you to take full advantage of the services offered.
For More Information
If you have any questions or concerns not addressed in this letter, please call 1- 833-972-0988 (toll-free) Monday through Friday, during the hours of 8:00 AM and 8:00 PM Eastern Standard Time (excluding U.S. national holidays).
Antioch sincerely regrets any concern or inconvenience this matter may cause and remains dedicated to the privacy and security of personal information.