Pacific Union College Data Breach

Pacific Union College (PUC) is in Angwin, California; it is a minor campus that hosts over 60 minor programs and just three master’s programs. PUC’s enrollment population was at or below 1,000 heads in 2021. Given their low student population, the recent announcement that they’ve suffered a breach potentially exposing 56,000 people is moderately alarming.

What Was the Breach?

• Full Name
• Financial Account Numbers
• Credit/Debit Card Numbers
• Card Credentials and PINs

How Did the Breach Occur?

The public information about the attack is sparse; the notice provided to the Maine Attorney General’s office states the bare minimum. Purportedly, they discovered an unauthorized actor in their network, then immediately responded by removing them and engaging with cybersecurity professionals. The only other public detail about the breach is listed on Maine’s website, describing the assault as an “external system breach.”

When Did This Breach Occur?

PUC’s consumer notice is available on Maine’s website; the breach happened around March 5th and may have lasted until March 19th. PUC then launched an investigation that concluded on October 9th, with consumers notified around then.

Who Does the Breach Impact?

The Maine data breach filing suggests many impacted individuals; 56,041 people may have had their information stolen or accessed. The cyberattacks on the Universities of Missouri and Michigan from the past weeks might suggest a broad victim spectrum.

How Many Files Does the Breach Affect?

It is unclear how many files were accessed by the thieves. The colossal impact number should be a red flag for all those involved with PUC; students, staff members, vendors, providers, staff, lecturers, and alums may have had their information taken.