A Columbia University Breach Exposed My Social Security Number—But I'm Not a Student

A cryptic text from my father in February set off a months-long investigation into a puzzle that has been plaguing a peculiar group of victims of a Columbia University data breach last year. The common thread among them? Absolutely no connection to the school.

The text included a photo of a letter from Columbia, informing me that I was a victim of a data breach that occurred last June. The breach exposed a wide range of sensitive information, including 1.8 million Social Security numbers. What made this revelation even more bizarre was that Columbia's public notices about the breach were addressed exclusively to "members of the Columbia community." In those notices, Columbia warned that an "unauthorized party obtained information about students and applicants related to admissions, enrollment, and financial aid processes, as well as certain personal information associated with some Columbia employees." However, major news reports that followed only referenced people affiliated with Columbia as victims, while pointing out that the hacktivist behind the breach was reportedly motivated to expose Columbia's history of "affirmative action-based" admissions.

Despite the initial reports, it appears that the breach had a much broader impact, affecting individuals with no apparent ties to the university. The question remains: how did my Social Security number, and those of others with no connection to Columbia, end up in the breach? The incident raises concerns about the security of personal data and the potential consequences of such breaches.

As the investigation continues, one thing is clear: the Columbia University data breach has left a trail of uncertainty and unease among its unlikely victims. For now, those affected can only wait and see if they will receive any further information about the breach and what steps they can take to protect themselves.