Skip to content
HighOnCity Calgary
NEWS

Mount Royal University confirms cyberattack stole student and staff data

The June breach accessed specific folders on MRU's H drive; affected individuals will be notified within the week. The university is offering two years of credit monitoring.

· 2 min read · HOC Calgary Desk
Mount Royal University confirms cyberattack stole student and staff data
★ FREE NEWSLETTER
Get the best of Calgary Region in your inbox

The day's top stories, food & events — every morning at 7. Unsubscribe anytime.

Mount Royal University confirmed Tuesday that a June cyberattack compromised employee and student information stored on the institution's H drive, a file storage system used by both groups.

An unauthorized actor accessed and took folders from the H drive, then deleted the data to impede recovery. The school said its analysis indicates the incident affected specific folders rather than the entire drive. MRU will begin directly notifying employees and students whose H drive folders were compromised within the coming week.

The attacker also deleted MRU's J drive, which contains departmental data. The university has not found evidence the J drive's data was accessed or copied before deletion, though a full recovery may not be possible.

The breach occurred on June 18, when the cyberattack disrupted MRU's website, online service MyMRU, on-campus internet access, and telephone services. The university does not have a timeline for full restoration of services, though a temporary public wireless network is available on campus.

As a precautionary measure, MRU is offering all current employees and anyone employed by the university in the last five years with two years of credit monitoring and identity theft protection services. Calgary police are investigating, and the university has reported the incident to the Alberta Information and Privacy Commissioner. Further analysis of the affected data and recoverability will take additional weeks or months.