The University of Winnipeg in Canada has confirmed that it experienced a data breach last month, resulting in the theft of sensitive information belonging to both current and former students and staff members.

With over 18,000 students and 800 staff, the university disclosed in a statement on Thursday that the compromised data likely includes personal information such as names, social insurance numbers, dates of birth, addresses, phone numbers, and compensation details.

The cyber incident was initially reported on March 25, prompting the institution to shut down various services. University President Dr. Todd Mondor later revealed that Winnipeg fell victim to a targeted cyber attack on its network.

The investigation into the breach is ongoing and could extend over several months. The university suspects that the attackers gained access to a file server, with the theft likely occurring in the week leading up to March 24.

In an effort to inform affected individuals, the university published details of the exposed data on a dedicated webpage. This includes information on current and former employees since 2003, including bank account details for those employed since 2015. Students enrolled since 2018 have also had their personal details compromised.

To assist those affected, the university will offer a two-year credit monitoring service and urges individuals to enroll. Additionally, insurance provisions will be provided to cover any subsequent fraudulent activity.

Expressing regret over the incident, the university emphasized its commitment to strengthening cybersecurity measures in response to this cybercrime.