University of Minnesota Company Cyber Security Posture
umn.eduOne of the nationโs largest schools, the University of Minnesota offers baccalaureate, masterโs, and doctoral degrees in virtually every fieldโfrom medicine to business, law to liberal arts, and science and engineering to architecture. The University of Minnesota system is made up of five campuses in Minnesota including Crookston, Duluth, Morris, Rochester, and the Twin Cities (Minneapolis/St. Paul). University of Minnesota Extension provides outreach and education services to Minnesota's communities through science-based knowledge, expertise and training. The University of Minnesota was recognized by Forbes in 2018 in the Best Employer, Best Employer for Diversity, and Best Employer for New Grads categories.
UM Company Details
university-of-minnesota
27436 employees
504161.0
611
Higher Education
umn.edu
1140
UNI_3156784
In-progress
UM Risk Score (AI oriented)Between 800 and 900
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
UM Global Score.png)
University of Minnesota Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 800 and 900 |
University of Minnesota Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Minnesota Department of Human Services | Breach | 85 | 4 | 03/2018 | MIN21149222 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Minnesota Department of Human Services suffered a data breach through an employeeโs e-mail account. The attack exposed the personal information of about 11,000 people. The hackers were immediately detected and the servers were secured. | |||||||
| Minnesota Department of Human Services | Data Leak | 60 | 4 | 11/2022 | MIN164122123 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Minnesota Department of Human Services (DHS) suffered a data breach incident after a DHS employee accidentally emailed the parent billing statements of 4,307 individuals involved in the program. The billing statements included first and last names, addresses, DHS-generated billing account numbers, and parental fee account activity. DHS implemented new procedures to address the error that led to the incident, and communicated these procedure changes to staff. | |||||||
| University of Minnesota | Breach | 100 | 5 | 07/2021 | UNI84623823 | Link | |
Rankiteo Explanation : Attack threatening the organizationโs existenceDescription: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the "U" hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach. | |||||||
University of Minnesota Company Subsidiaries
One of the nationโs largest schools, the University of Minnesota offers baccalaureate, masterโs, and doctoral degrees in virtually every fieldโfrom medicine to business, law to liberal arts, and science and engineering to architecture. The University of Minnesota system is made up of five campuses in Minnesota including Crookston, Duluth, Morris, Rochester, and the Twin Cities (Minneapolis/St. Paul). University of Minnesota Extension provides outreach and education services to Minnesota's communities through science-based knowledge, expertise and training. The University of Minnesota was recognized by Forbes in 2018 in the Best Employer, Best Employer for Diversity, and Best Employer for New Grads categories.
Access Data Using Our API
Get company history
Rapid.png)
UM Cyber Security News
Talking tech industry trends with U of M
Information technology is a rapidly changing field that impacts every industry in Minnesota. Colin Miller, faculty director for informationย ...
Cybersecurity Company Launches In-House 'University' Training Program
Cybersecurity Company Launches In-House 'University' Training Program ยท Struggling to find enough qualified professionals in the field, theย ...
FBI investigating Minnesota cybersecurity expert over concerns about his background, Hennepin Co. att'y says
Mark Lanterman, the Chief Technology Officer at Computer Forensic Services, is being accused by Wisconsin attorney Sean Harrington of inflatingย ...
Minneapolis Cybersecurity Job Market: Trends and Growth Areas for 2025
Explore the Minneapolis cybersecurity job market trends and growth for 2025. Uncover career opportunities and educational needs in Minnesotaย ...
St. Cloud State University students take down hackers, get first place at competition
St. Cloud State University students took down hackers at a statewide cybersecurity competition, bringing a first-place prize to the Graniteย ...
Rural hospitals may be more vulnerable to ransomware attacks
โRansomware attacks are bad news for hospitals and patients no matter where they happen, but they're especially harmful to rural hospitals andย ...
Cyberattack against NYU compromises over 1M students
Computer Niggy Exploitaiton was previously linked to an attack against the University of Minnesota, which resulted in the theft and exposure ofย ...
Cybersecurity boot camp graduates reflect on experiences
Abdisalan Firin, a cybersecurity instructor at the University, was a student at the cybersecurity boot camp in 2021. He was surprised to learnย ...
Top In-Demand CyberSecurity Jobs for Beginners in Minneapolis
Security software developers in Minneapolis should be proficient in programming languages like Python, Java, C++, and C#. Familiarity with webย ...
UM Similar Companies
The University of Queensland
For more than a century, The University of Queensland (UQ) has maintained a global reputation for delivering knowledge leadership for a better world. The most prestigious and widely recognised rankings of world universities consistently place UQ among the world's top universities. UQ has also wo
North Carolina State University
With more than 34,000 students and 7,000 faculty and staff, North Carolina State University is a comprehensive university known for its leadership in education and research, and globally recognized for its science, technology, engineering and mathematics leadership. NC State students, faculty and
University of Helsinki
Working for the world Science has the power to change the world. Join one of the best research universities in the world โ an international community united through bold thinking, science, research, and learning, with over 30,000 students and 8,000 employees. We are defined by our multidisciplina
Cornell University
Cornell is a privately endowed research university and a partner of the State University of New York. As the federal land-grant institution in New York State, we have a responsibilityโunique within the Ivy Leagueโto make contributions in all fields of knowledge in a manner that prioritizes public en
Hannover Medical School
Hannover Medical School (MHH), with around 10,000 employees the largest state enterprise in Lower Saxony, is a university institution for research and teaching in human medicine and dentistry and a university hospital providing supramaximal care. Research, teaching, patient care and administration w
University of Toronto
Founded in 1827, the University of Toronto is Canadaโs top university with a long history of challenging the impossible and transforming society through the ingenuity and resolve of our faculty, students, alumni, and supporters. We are proud to be one of the worldโs top research-intensive univers
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
UM CyberSecurity History Information
How many cyber incidents has UM faced?
Total Incidents: According to Rankiteo, UM has faced 3 incidents in the past.
What types of cybersecurity incidents have occurred at UM?
Incident Types: The types of cybersecurity incidents that have occurred incidents Breach and Data Leak.
How does UM detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through third party assistance with Outside forensics specialists and law enforcement notified with True and communication strategy with Providing options to prevent exploitation of personal information and alerting impacted individuals and remediation measures with Implemented new procedures to address the error, Communicated procedure changes to staff and containment measures with Secured Servers.
Incident Details
Can you provide details on each incident?
Incident : Data Breach
Title: University of Minnesota Data Breach
Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the 'U' hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.
Date Detected: July 2021
Type: Data Breach
Incident : Data Breach
Title: Minnesota DHS Data Breach
Description: Minnesota Department of Human Services (DHS) suffered a data breach incident after a DHS employee accidentally emailed the parent billing statements of 4,307 individuals involved in the program. The billing statements included first and last names, addresses, DHS-generated billing account numbers, and parental fee account activity.
Type: Data Breach
Attack Vector: Human Error
Vulnerability Exploited: Human Error
Incident : Data Breach
Title: Minnesota Department of Human Services Data Breach
Description: Minnesota Department of Human Services suffered a data breach through an employeeโs e-mail account. The attack exposed the personal information of about 11,000 people. The hackers were immediately detected and the servers were secured.
Type: Data Breach
Attack Vector: Email Compromise
Vulnerability Exploited: Compromised Email Account
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Compromised Email Account.
Impact of the Incidents
What was the impact of each incident?
Incident : Data Breach MIN164122123
Data Compromised: first and last names, addresses, DHS-generated billing account numbers, parental fee account activity
Incident : Data Breach MIN21149222
Data Compromised: Personal Information
Systems Affected: Email Servers
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Account Information and Personal Information.
Which entities were affected by each incident?
Incident : Data Breach UNI84623823
Entity Type: Educational Institution
Industry: Education
Location: Minnesota, USA
Incident : Data Breach MIN164122123
Entity Type: Government Agency
Industry: Public Sector
Location: Minnesota, USA
Customers Affected: 4307
Incident : Data Breach MIN21149222
Entity Type: Government Agency
Industry: Public Administration
Location: Minnesota, USA
Customers Affected: 11000
Response to the Incidents
What measures were taken in response to each incident?
Incident : Data Breach UNI84623823
Third Party Assistance: Outside forensics specialists
Law Enforcement Notified: True
Communication Strategy: Providing options to prevent exploitation of personal information and alerting impacted individuals
Incident : Data Breach MIN164122123
Remediation Measures: Implemented new procedures to address the error, Communicated procedure changes to staff
Incident : Data Breach MIN21149222
Containment Measures: Secured Servers
How does the company involve third-party assistance in incident response?
Third-Party Assistance: The company involves third-party assistance in incident response through Outside forensics specialists.
Data Breach Information
What type of data was compromised in each breach?
Incident : Data Breach MIN164122123
Type of Data Compromised: Personal Information, Account Information
Number of Records Exposed: 4307
Sensitivity of Data: Medium
Personally Identifiable Information: first and last names, addresses
Incident : Data Breach MIN21149222
Type of Data Compromised: Personal Information
Number of Records Exposed: 11000
Personally Identifiable Information: True
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Implemented new procedures to address the error, Communicated procedure changes to staff.
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through was Secured Servers.
References
Where can I find more information about each incident?
Incident : Data Breach UNI84623823
Source: University of Minnesota
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: University of Minnesota.
Investigation Status
What is the current status of the investigation for each incident?
Incident : Data Breach UNI84623823
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through was Providing options to prevent exploitation of personal information and alerting impacted individuals.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Data Breach MIN21149222
Entry Point: Compromised Email Account
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : Data Breach MIN164122123
Root Causes: Human Error
Corrective Actions: Implemented new procedures to address the error, Communicated procedure changes to staff
What is the company's process for conducting post-incident analysis?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Outside forensics specialists.
What corrective actions has the company taken based on post-incident analysis?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Implemented new procedures to address the error, Communicated procedure changes to staff.
Additional Questions
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on July 2021.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were first and last names, addresses, DHS-generated billing account numbers, parental fee account activity and Personal Information.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was Email Servers.
Response to the Incidents
What third-party assistance was involved in the most recent incident?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Outside forensics specialists.
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Secured Servers.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were first and last names, addresses, DHS-generated billing account numbers, parental fee account activity and Personal Information.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 547.0.
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident is University of Minnesota.
Investigation Status
What is the current status of the most recent investigation?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Compromised Email Account.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
