Mount Royal University's H-Drive data breached in ransomware attack affecting students and staff
MRU confirmed July 7 that unauthorized actors accessed and deleted files from the H-Drive storage system used by current and former employees and students.
The day's top stories, food & events — every morning at 7. Unsubscribe anytime.
Mount Royal University confirmed July 7 that an unauthorized actor accessed and deleted files from the H-Drive, a storage system used by individual employees and students across campus.
The university first announced the cyberattack on June 18, 2026. An investigation showed that specific folders on the H-Drive were accessed and copied before being deleted by the attacker to impede recovery. The attack also targeted the J-Drive, which contains departmental data — MRU says there is currently no evidence that J-Drive data was accessed or copied, though a full recovery may not be possible.
The H-Drive is not meant to store personal information, but depending on what individuals chose to keep there, it may contain sensitive files. Students have used it to access assignments and readings or store digital audio, video, image, and text files. Employees may have stored lesson plans, presentation files, and grading materials. MRU is providing notice to all individuals whose folders were compromised.
The attack also forced other services offline, including the university's phones and website. MRU is restoring services in a controlled manner and has confirmed the incident involved a ransomware threat actor. The university is offering two years of credit monitoring for all current employees and those employed within the past five years but is not extending that offer to student users who stored personal files on the H-Drive.
This marks the latest cyberattack on a Calgary institution after a failed ransomware attempt against Calgary Public Library in 2024.