Potentially Compromised Applicant Admission System

Published:
March 08, 2019

Today the following message was sent to students with records in the Grinnell College admission system:

Dear Student,

I am writing to inform you of a security incident that may involve information you provided to Grinnell College as a prospective student or applicant for admission. On March 7, 2019, the College learned that an unauthorized person accessed the system that houses admission-related information. Upon learning of the situation, we promptly began an investigation, engaged cybersecurity professionals to assist us, took steps to prevent further unauthorized access to applicant records, and reported the incident to the FBI.

We take this situation very seriously and we are sorry for the concern and inconvenience this may cause you. Since learning of this incident, we have come to understand that this cyberattack on Grinnell College data was the most recent of three reported attacks on admission-related information at U.S. colleges.

As part of our investigation, we learned that the individual(s) may have emailed you requesting payment in exchange for access to admissions information from the Grinnell College system. You may receive or have received such an email. If so, do not reply or respond; disregard it.

We have no evidence at this time that this incident has included personal financial information provided by students or parents on financial aid applications. Financial information is maintained in a separate system than the one where some admission data may have been compromised, and at this time there is no evidence that system was accessed by an unauthorized user.

Cybersecurity experts and law enforcement agents are continuing investigations into this incident to determine the specifics of any data that may have been compromised; however, at this time we have no evidence that any images or files of application essays, letters of recommendation, transcripts, or other supporting documents sent to us as part of an application for admission were compromised.

Safeguarding the privacy and security of all information, including applicant information, is a top priority for us. We are taking significant measures to protect your information and prevent recurrence of a similar issue in the future. We are working with experts on campus as well as leading cybersecurity professionals to ensure that students are protected and fully informed. If the situation warrants, we will provide updated information as it becomes available.

If you have any further questions regarding this incident, please call our dedicated and confidential toll-free response line available at 888-526-1229, starting at Noon (CT) on Monday, March 11. This response line will be staffed with professionals familiar with this incident. The regular hours of operation will be Monday through Friday, 8 a.m. to 8 p.m. Central Time.

Grinnell respects your privacy and is committed to protecting your personal data and keeping it secure; you can learn more about the Grinnell College Privacy Policy on our website. Updates will be available on our website at Potential Admission Data Compromise.

On behalf of Grinnell College, please accept my sincere apology for any distress this incident may cause you or your family.

Sincerely,

Joseph P. Bagnoli, Ph.D.
Vice-President for Enrollment
Dean of Admission & Financial Aid
Grinnell College

We use cookies to enable essential services and functionality on our site, enhance your user experience, provide better service through personalized content, collect data on how visitors interact with our site, and enable advertising services.

To accept the use of cookies and continue on to the site, click "I Agree." For more information about our use of cookies and how to opt out, please refer to our website privacy policy.