Mount Royal University Confirms Data Breach After Hackers Claim Attack and Demand Ransom

Views: 34 views

377/69 Friday, July 10, 2026

Mount Royal University (MRU), a public university in Calgary, Canada, has disclosed a cyberattack that occurred on June 17, 2026, affecting several university systems, including online services, internet access, and some internal systems. The university stated that it engaged external technical teams and cybersecurity experts to assist with the investigation and system recovery. MRU is a university with a history spanning more than 100 years.

Preliminary investigation results found that the attackers were able to access and steal data from certain folders in the “H drive,” a file storage area used by students and staff. The data involved current and former students, current and former employees, and some other individuals. In addition, the attackers deleted data from the “J drive,” which is used to store information for internal university departments. However, MRU stated that it has not found evidence that data in the J drive was accessed or copied before it was deleted. The university is still attempting to recover the deleted data, although it may not be able to recover all of it. The incident has been reported to Alberta’s privacy regulator and law enforcement authorities.

The threat group CMD Organization has claimed responsibility for the attack and published samples of data it claims to have stolen, such as passport copies and other documents. The group demanded a ransom of 30 BTC, or approximately USD 1.9 million, and gave the university six days to respond, threatening to publish all stolen data if no response was received. MRU stated that recovery of the affected systems may take several weeks to several months and that it will provide further updates as progress is made. The university plans to notify affected individuals directly once the scope of the exposed data is clearly determined. It is also offering two years of credit monitoring and identity theft protection services to current employees and individuals who worked at the university within the past five years.

Source: https://www.bleepingcomputer.com/news/security/mount-royal-university-confirms-breach-as-hackers-claim-attack/