Columbia University recently confirmed a major cyberattack that compromised personal, financial and health-related information tied to students, applicants and employees. The victims include current and former students, employees and applicants. Notifications to affected individuals began Aug. 7 and are continuing on a rolling basis.

Columbia, one of the oldest Ivy League universities, discovered the breach after a network outage in June. According to Columbia, the disruption was caused by an unauthorized party that accessed its systems and stole sensitive data. Investigators are still assessing the full scope of the theft.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER 

TRANSUNION BECOMES LATEST VICTIM IN MAJOR WAVE OF SALESFORCE-LINKED CYBERATTACKS, 4.4M AMERICANS AFFECTED

What information was stolen?

According to a breach notification filed with the Maine Attorney General’s office, nearly 869,000 individuals were affected by the Columbia breach. This number includes students, employees, applicants and, in some cases, family members. Media outlets also reported that the threat actor claimed to have stolen approximately 460 gigabytes of data from Columbia’s systems.

Columbia confirmed that the stolen information relates to admissions, enrollment and financial aid records, as well as certain employee data. The categories of exposed information include:

• Names, dates of birth and Social Security numbers
• Contact details and demographic information
• Academic history and financial aid records
• Insurance details and certain health information

Columbia emphasized that patient records from Columbia University Irving Medical Center were not affected. Still, the breadth of stolen data poses serious risks of identity theft and fraud.

DIOR DATA BREACH EXPOSES US CUSTOMERS’ PERSONAL INFORMATION

Columbia University campus (Luiz C. Ribeiro for New York Daily News/Tribune News Service via Getty Images)

Columbia University response

Columbia has reported the incident to law enforcement and is working with cybersecurity experts. The university said it has strengthened its systems with new safeguards and enhanced protocols to prevent future incidents.

Starting Aug. 7, Columbia began mailing letters to those affected, offering two years of complimentary credit monitoring, fraud consultation and identity theft restoration services.

When contacted, Columbia referred CyberGuy to its official community updates, published June 24 and Aug. 5.

While the university says there is no evidence that the stolen data has been misused so far, the risk remains high. Criminals often wait months before exploiting stolen data.

NEARLY A MILLION PATIENTS HIT BY DAVITA DIALYSIS RANSOMWARE ATTACK

Columbia University says a June network outage is to blame for the breach. (Silas Stein/picture alliance via Getty Images)

Steps to protect yourself after the Columbia University breach

If you are among those affected or simply want to safeguard your data, take these steps today:

1) Monitor your credit reports

Check your credit reports regularly through AnnualCreditReport.com. Look for accounts you did not open or changes you did not authorize. 

2) Use a personal data removal service

Since Columbia confirmed that stolen files may include names, addresses and demographic details, consider using a personal data removal service. These services help scrub your information from data brokers and people search sites, making it harder for criminals to exploit exposed details. This step reduces the chance that stolen Columbia records are linked to your broader online identity.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice.  They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites.  It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet.  By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

3) Set up fraud alerts and freezes

Placing a fraud alert makes it harder for identity thieves to open accounts in your name. A credit freeze offers even stronger protection by blocking new credit applications.

4) Use strong and unique passwords

Create long, complex passwords for each account. A password manager can help generate and securely store them.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager (see Cyberguy.com/Passwords) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials. 

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

5) Enable two-factor authentication

Turn on two-factor authentication (2FA) wherever possible. This extra layer of security helps protect your accounts even if a password is stolen.

6) Watch for phishing attempts and use strong antivirus software

Scammers may try to exploit fear around the breach with fake emails or texts. Verify any message before clicking links or sharing personal information.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com/LockUpYourTech 

7) Consider identity theft protection services

Beyond the free credit monitoring Columbia offers, additional paid services can help track your data across the dark web and provide extra safeguards.

Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account.  They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. 

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com/IdentityTheft 

Kurt’s key takeaways

The Columbia University breach shows how even trusted institutions are vulnerable to cyberattacks. Because the investigation is ongoing and notifications will continue through the fall, individuals should remain on high alert. With so much personal, financial and health information exposed, staying alert long after the headlines fade is critical.

What more should universities and large institutions be required to do to safeguard the personal data of the people who trust them? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com.  All rights reserved. 

Scammers are constantly finding new ways to trick people. While older tactics like phishing emails and impersonating government agencies to steal credentials are becoming easier to spot, bad actors are now turning to more alarming methods. One of the latest involves impersonating local authorities. 

People have reported receiving phone calls claiming they missed jury duty and now face a warrant for their arrest. This kind of impersonation scam is harder to spot because it’s highly personalized, but that doesn’t mean you’re defenseless. Let’s break it down.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

DON’T FALL FOR THIS BANK PHISHING SCAM TRICK

What jury duty scam victims need to know

Scammers posing as court officials are targeting individuals with false claims about missed jury duty, prompting warnings from law enforcement. The fraud typically begins with a call from a blocked or unknown number, alleging that the recipient has missed jury duty and is facing an arrest warrant. The scammers then demand payment, usually through wire transfers or gift cards.

A key warning sign is being asked to pay money to avoid arrest or legal trouble. It is important never to give money or personal information to unknown callers.

These scams often target older or more vulnerable individuals, although younger people have also reported close calls. In one example, a person received repeated calls from an unidentified number before answering. The caller, claiming to be from a local sheriff’s department and equipped with the individual’s full name and address, insisted they had failed to appear for jury duty and faced multiple citations.

HOW FAKE MICROSOFT ALERTS TRICK YOU INTO PHISHING SCAMS

Victims can spot jury duty impersonation scams by verifying suspicious calls before taking action and reducing their digital footprint. (Kurt “CyberGuy” Knutsson)

How to spot jury duty impersonation scams

• No jury duty arrest warrants: Missing jury duty doesn’t lead to criminal citations or warrants.
• Blocked or spoofed numbers: Real law enforcement won’t hide their identity.
• Unusual payment methods: No government agency will ask for gift cards or crypto.
• Aggressive threats: Threats of arrest or contempt of court are a scare tactic.

Legitimate jury summonses are delivered by mail, not through threatening phone calls.

6 ways to protect yourself from jury duty scam calls

If you get a suspicious call about missed jury duty, don’t panic. Follow these steps to stay safe and protect your personal information.

1) Don’t trust calls from unknown numbers

This might sound obvious, but don’t trust any unknown caller, especially if they demand money. Legitimate authorities will never ask for payment over the phone, especially not through gift cards, wire transfers, or cryptocurrency. If someone threatens you with arrest or legal action unless you pay immediately, it’s almost certainly a scam. Hang up and call your local court or police department using an official number.

HOW TO HAND OFF DATA PRIVACY RESPONSIBILITIES FOR OLDER ADULTS TO A TRUSTED LOVED ONE 

2) Verify suspicious calls before taking action

If you receive a suspicious call, take a breath and fact-check. Court summonses are always delivered by mail, not over the phone. Even if the caller has personal information like your name or address, that doesn’t make them credible. Scammers often use leaked or publicly available data to appear convincing.

Be extra cautious, even if the scam comes through text messages or email. Do not click on any suspicious links, as they can install malware on your device and steal your personal data.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com.

3) Reduce your digital footprint to stop scammers

The truth is, your data is already out there, from old social media profiles to past breaches. That’s often how scammers get enough personal details to sound legitimate. Investing in a data removal service can help reduce your digital footprint by scrubbing your information from people-search sites and data brokers.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

Victims of jury duty phone scams can block and report suspicious numbers to local law enforcement or fraud reporting agencies. (Kurt “CyberGuy” Knutsson)

4) Block and report scam numbers

If you receive a scam call, report it to local law enforcement or your country’s fraud reporting agency. After hanging up, block the number on your phone and report it to:

• FTC (USA): reportfraud.ftc.gov
• Local police or sheriff’s office
• Your phone carrier’s scam call reporting option

Many carriers allow you to forward scam texts to 7726 (SPAM).

5) Use call screening or spam protection apps

Apps like Truecaller, Hiya, and built-in features like Google Call Screen or Silence Unknown Callers on iPhones can detect and block fake calls automatically.

Pro Tip: Enable your phone’s “silence unknown callers” feature for extra protection. 

6) Talk to vulnerable family members

Older adults are frequent targets. Sit down with your parents, grandparents, or neighbors to explain how these scams work and what to watch for. A simple heads-up could stop a costly mistake.

What this means for you

Scammers are getting bolder and more convincing, but you can stay a step ahead. Knowing the signs of a jury duty phone scam, using smart tools like antivirus and call blockers and limiting your digital footprint can dramatically reduce your risk. Empower yourself and your loved ones with this knowledge.

Kurt’s key takeaway

Instead of relying on faceless phishing emails, scammers are now using hyper-personalized and emotionally charged phone calls. By impersonating local authorities and referencing civic duties like jury duty, they exploit both fear and a sense of responsibility. What makes this especially dangerous is how plausible it sounds, drawing on real processes that many people don’t fully understand.

Do you think law enforcement and government agencies are doing enough to educate the public about these scams? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.