Cyber Incident Victim: Skidmore College
Date: Feb 2023
Location: United States of America
Summary
Skidmore College detected suspicious system activity prompting an immediate investigation involving containment measures, password changes, enhanced threat detection software, law enforcement notification, and engagement of cybersecurity professionals. The investigation revealed unauthorized network access leading to ransomware deployment that encrypted a limited portion of faculty and staff files, with potential exfiltration of business and finance data. Analysis confirmed personal information belonging to 134 New Hampshire residents was compromised, prompting individual notifications and complimentary credit monitoring offers; no evidence of data misuse for identity theft or fraud has been identified.
Description
On February 17, 2023, Skidmore College detected suspicious activity within its systems through an automated alert, prompting immediate investigation and containment measures. The institution changed passwords, deployed new threat detection and monitoring software, notified law enforcement agencies, and engaged external cybersecurity professionals alongside data privacy legal counsel to manage the incident. Forensic analysis determined an unauthorized actor had infiltrated Skidmore's network prior to deploying ransomware that encrypted a limited portion of faculty and staff filesharing infrastructure. Investigators identified potential exfiltration risks involving business and financial files stored within the compromised systems. The college retained a third-party data mining team to analyze the affected dataset for personal information exposure, followed by manual verification to confirm impacted individuals' identities and collect available contact details.

The investigation confirmed unauthorized access to systems containing personal information of 134 New Hampshire residents, though no evidence of identity theft or fraudulent misuse emerged. On September 15, 2023, Skidmore mailed individual breach notifications to affected residents, including an offer of complimentary credit monitoring services, while simultaneously submitting regulatory disclosures to the New Hampshire Attorney General's office. Remediation efforts focused on system containment, forensic review coordination, and implementation of enhanced security controls throughout the seven-month investigation period. The ransomware attack specifically targeted institutional filesharing infrastructure rather than student information systems, with encryption confined to a subset of faculty and staff operational files. Skidmore's response prioritized containment within 24 hours of detection, multi-phase data analysis to establish breach scope, and regulatory compliance through coordinated notification timelines.
