Major Data Breach Hits Whitworth University

  1. Whitworth University in Spokane, Washington experienced a significant data breach on July 29, 2022, potentially affecting the personal information, including names and social security numbers, of over 65,000 individuals, most of whom are current or former employees.
  2. The University is responding by conducting an extensive investigation, bolstering network security, reviewing data storage and management procedures, and offering free credit monitoring and identity theft protection services through IDX to all affected individuals.

SPOKANE, Washington — Whitworth University, a well-known institution in the education sector, confirmed on Friday that it was hit by a significant data breach, potentially compromising the personal information of as many as 65,593 individuals.

According to a notification letter submitted by the University’s Associate Attorney, Rachel Cobble Pitts from Lewis Brisbois Bisgaard & Smith LLP, the breach occurred on July 29, 2022. It was discovered on the same day, pointing to an external system breach due to hacking.

The compromised information includes names and social security numbers of the affected individuals, many of whom are current or former employees of Whitworth University.

In the notification letter to the Attorney General of Maine, it was stated, “On July 29, 2022, we detected and stopped a ransomware attack in which an unauthorized third party accessed and disabled some of our systems.”

Although the University’s primary database, ERP Solution, remained unaffected by the breach, some working files stored by departments or individuals on the network share drives may have been impacted. The University has not yet discovered any evidence of specific misuse of the compromised information.

The University has assured those affected that data security remains one of its highest priorities. After detecting the incident, they initiated a prompt response, which included conducting an investigation with IT specialists, confirming the security of their network environment, and notifying law enforcement.

“We wiped and rebuilt affected systems and have taken steps to bolster our network security. We are also reviewing and altering our policies, procedures, and network security software relating to the security of our systems and servers, as well as how we store and manage data,” the letter stated.

To further mitigate the risk, Whitworth University is offering free credit monitoring and identity theft protection services through IDX, a leading identity protection technology company.

Affected individuals are encouraged to enroll in these services and take steps to further protect their personal information.

The Management Team of Whitworth University expressed their understanding of the frustration, concern, and inconvenience that this incident may have caused. The University remains committed to maintaining the security of all personal data it manages.

For more information or to ask further questions, affected individuals can reach out to IDX at 1-833-875-0646, Monday through Friday, 6:00 am – 6:00 pm PST.