Back to Industry

Industry - Data Breach

moderateAnti-PrivacyData Breach

Executive Summary

Mount Royal University confirmed that a ransomware attack compromised employee and student data after an unauthorized actor accessed, copied, and deleted information from the school's file storage system. The attacker targeted the university's H drive, which contains personal information from staff work and student academics, and deleted corporate data from the J drive, though the school found no evidence that J drive data was accessed before deletion. MRU is offering two years of credit moni...

What Happened

Mount Royal University confirmed a ransomware attack in which an unauthorized actor accessed, copied, and deleted data from the university's H drive file storage system used by employees and students. The attacker also deleted corporate data from the J drive, though the university found no evidence that J drive information was accessed or copied before deletion. The incident, which occurred in June 2026, disrupted various university services including the website, online platforms, internet access, and telephone systems.

Who Is Affected

Current and former Mount Royal University employees from the past five years are affected, as are students whose H drive folders contained personal information related to their academic work. The university stated that specific folders rather than the entire H drive were compromised, and it plans to directly notify affected individuals within the coming week. Corporate data about university staff stored on the J drive was also deleted, though the extent of exposure remains unclear.

Why It Matters

This incident demonstrates how educational institutions remain vulnerable targets for ransomware attacks, with threat actors gaining access to sensitive personal information of both employees and students. The potential inability to fully recover deleted J drive data highlights the lasting impact such attacks can have on institutional operations and records. The university's decision to offer credit monitoring only to employees, while stating student data presents a different risk profile, raises questions about differential treatment of affected parties in data breach responses.

What You Should Do

If you are a current or former Mount Royal University employee from the past five years, enroll in the two years of credit monitoring and identity theft protection services being offered by the university. Watch for direct notification from MRU if your H drive folders were compromised and follow any specific guidance provided. Monitor your financial accounts and credit reports for suspicious activity, and consider placing a fraud alert or credit freeze on your credit files as an additional precaution.

Summary generated from verified sources and reviewed before publication. How we summarize.

Mount Royal University confirmed that a ransomware attack compromised employee... - Industry | PrivacyWire