On December 23, 2022, Cincinnati State Technical Community College reported a data breach with the Montana Attorney General after the school learned that an unauthorized party was able to remove certain files containing confidential student information from its network. According to Cincinnati State, the breach resulted in students’ full names, addresses, dates of birth, Social Security numbers, driver’s licenses or state identification numbers, health insurance information, and financial account information being compromised. Recently, Cincinnati State sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.

Data breaches like this one affect millions of people per year, and a large number of data breach victims end up being the target of identity theft and other frauds. If you received a data breach notification from Cincinnati State, it is essential you understand what is at risk and what you can do about it. To learn more about what you can do to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Cincinnati State data breach, please see our recent piece on the topic here.

What We Know About the Cincinnati State Data Breach

The available information regarding the Cincinnati State breach comes from the school’s filing with the Montana Attorney General’s Office. According to this source, on November 2, 2022, Cincinnati State Technical Community College determined that an unauthorized party may have gained access to the school’s computer network. While the organization did not provide any details about how an unauthorized party could have accessed its network, in response to learning about the incident, Cincinnati State disabled its network and began the process of restoring its systems. Next, Cincinnati State began working with cybersecurity professionals to investigate the incident in hopes of learning whether any student or faculty information was leaked as a result.

On November 15, 2022, the Cincinnati State Technical Community College investigation confirmed that an unauthorized party had gained access to its computer network between October 30, 2022 and November 2, 2022. Further investigation revealed that some of the files that were accessible to the unauthorized party contained confidential student information.

Upon discovering that sensitive student data was made available to an unauthorized party, Cincinnati State began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your full name, address, date of birth, Social Security number, driver’s license number, state identification number, health insurance information, and financial account information. On December 23, 2022, Cincinnati State sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

Founded in 1969, Cincinnati State Technical Community College is a public technical and community college located in Cincinnati, Ohio. The school offers over 130 degrees and certificates in business technologies, health and public safety, engineering and information technologies, humanities and sciences. Cincinnati State operates four campuses in Ohio, including in Clifton, Harrison, Evendale and Middletown. Cincinnati State has a student body of roughly 10,000 and an academic staff of over 650. Cincinnati State employs a total of more than 1,100 people and generates approximately $41 million in annual revenue.