Baker University Says 2024 Breach Might Have Included Sensitive Data

The university “discovered suspicious activity related to certain systems which resulted in a network outage” in December 2024, a release said. Baker then took “immediate steps to secure its environment and launched an investigation.”

The investigation found “unauthorized access and/or acquisition of certain files and folders within Baker's network between December 2, 2024, and December 19, 2024,” which then underwent “extensive review” to determine if any sensitive information had been compromised, and if so, whom it belonged to.

Baker determined information of those affiliated with the university may have been compromised. The data included financial account information, health insurance information, passport information, tax identification number and student identification number, among other data.

The university lacks "evidence to indicate that any of the compromised information was subject to actual or attempted identity theft or fraud,” but is providing complimentary credit monitoring services to those affected. In addition to notifying impacted individuals, Baker informed state and federal regulators of the incident.

The school “also reviewed existing security policies and implemented additional measures to further protect against similar incidents moving forward.”

The university failed to say how many people were affected. The Maine attorney general’s office reported Friday that 53,624 people were affected. The Vermont, New Hampshire and California AGs reported the breach on Friday as well, while the Texas AG reported it Monday.