UM
Company Details
Linkedin ID:
university-of-minnesota
Website:
Employees number:
27,883
Number of followers:
529,314
NAICS:
6113
Industry Type:
Homepage:
umn.edu
IP Addresses:
1140
Company ID:
UNI_3156784
Scan Status:
Completed
University of Minnesota Company CyberSecurity Posture
umn.edu
One of the nation’s largest schools, the University of Minnesota offers baccalaureate, master’s, and doctoral degrees in virtually every field—from medicine to business, law to liberal arts, and science and engineering to architecture. The University of Minnesota system is made up of five campuses in Minnesota including Crookston, Duluth, Morris, Rochester, and the Twin Cities (Minneapolis/St. Paul). University of Minnesota Extension provides outreach and education services to Minnesota's communities through science-based knowledge, expertise and training. The University of Minnesota was recognized by Forbes in 2018 in the Best Employer, Best Employer for Diversity, and Best Employer for New Grads categories.
University of Minnesota A.I CyberSecurity Scoring
UM Risk Score (AI oriented)Between 750 and 799
UM
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
UM Global Score (TPRM)XXXX
UM
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
UM Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
University of Minnesota
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the "U" hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.
UM Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for UM
Incidents vs Higher Education Industry Average (This Year)
No incidents recorded for University of Minnesota in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for University of Minnesota in 2026.
Incident Types UM vs Higher Education Industry Avg (This Year)
No incidents recorded for University of Minnesota in 2026.
Incident History — UM (X = Date, Y = Severity)
UM cyber incidents detection timeline including parent company and subsidiaries
UM Company Subsidiaries
One of the nation’s largest schools, the University of Minnesota offers baccalaureate, master’s, and doctoral degrees in virtually every field—from medicine to business, law to liberal arts, and science and engineering to architecture. The University of Minnesota system is made up of five campuses in Minnesota including Crookston, Duluth, Morris, Rochester, and the Twin Cities (Minneapolis/St. Paul). University of Minnesota Extension provides outreach and education services to Minnesota's communities through science-based knowledge, expertise and training. The University of Minnesota was recognized by Forbes in 2018 in the Best Employer, Best Employer for Diversity, and Best Employer for New Grads categories.
Loading...
UM Similar Companies
University of California, San Francisco
UC San Francisco is driven by the idea that when the best research, the best education and the best patient care converge, great breakthroughs are achieved. We pursue this integrated excellence with singular focus, fueled by collaboration among our top-ranked professional and graduate schools, medic
Virginia Tech
Dedicated to its motto, Ut Prosim (That I May Serve), Virginia Tech takes a hands-on, engaging approach to education, preparing scholars to be leaders in their fields and communities. As the commonwealth’s most comprehensive university and its leading research institution, Virginia Tech offers 215 u
Galileo Global Education
Galileo Global Education, world leader in independent higher education with 210,000 students, 61 schools and 106 campuses in 18 countries, placed employability and innovation at the heart of its strategy for 15 years. Galileo Global Education's mission is to enable everyone, regardless of their star
University of Ottawa
À l’Université d’Ottawa, la plus grande université bilingue au monde, la population étudiante peut choisir d’étudier en français, en anglais, ou dans les deux langues. Située au cœur de la capitale du Canada, pays du G8, notre université jouit d’un accès direct aux plus grandes institutions du pays.
University of Houston
Founded in 1927, the University of Houston is the leading public research university in the vibrant international city of Houston. Each year, we educate more than 47,000 students in more than 250 undergraduate and graduate academic programs, on campus and online. UH awards over 10,000 degrees annual
University of Louisville
The University of Louisville is a state supported research university located in Kentucky's largest metropolitan area. It was a municipally supported public institution for many decades prior to joining the university system in 1970. The University has three campuses. The 287-acre Belknap Campus is
Brown University
Located in historic Providence, Rhode Island and founded in 1764, Brown University is the seventh-oldest college in the United States. Brown is an independent, coeducational Ivy League institution comprising undergraduate and graduate programs, plus the Alpert Medical School, School of Public Health
Virginia Commonwealth University
We’re Virginia Commonwealth University — the university FOR Virginia. You will see an incredible mix of attitudes, styles and stories. Inclusion is our heartbeat and it drives us to tackle difficult challenges others can’t or won’t. We do things differently here, because we know that different w
Florida International University
FIU is Miami's public research university. Offering bachelor's, master's and doctoral degrees, both on campus and fully online. Designated a Preeminent State Research University, FIU emphasizes research as a major component in the university's mission. For more than 50 years, FIU has positioned
.png)
UM CyberSecurity News
January 10, 2026 11:24 PM
Top University of Minnesota grads are ‘at least as good, maybe better’ than the best and brightest from Harvard, former Goldman Sachs CEO says
When Lloyd Blankfein was CEO of Goldman Sachs, thousands of newly minted graduates from top universities joined the ranks of the investment...
December 25, 2025 10:53 PM
$5M University of Minnesota data breach class action settlement
The University of Minnesota data breach $5 million class action settlement will benefit individuals whose personal information was compromised in a 2021...
December 04, 2025 08:00 AM
NCAA-Bound Stags Volleyball Wins Third Consecutive MAAC Championship
Fairfield Volleyball has won a league-best 15 conference titles and will play at Minnesota in the NCAA first round.
September 12, 2025 07:00 AM
Metro State connects students to cybersecurity experts at first-ever colloquium on campus
SAINT PAUL, Minn. — When you work in security and intelligence, keeping secrets is a part of the job, but at Metro State University,...
September 10, 2025 07:00 AM
Metro State University hosts free cybersecurity community event: 'Think Safe Be Safe'
n response to a wave of recent cyberattacks that have disrupted city services and raised alarms across Twin Cities, Metro State University...
August 06, 2025 07:00 AM
Guarding Against the Next Cyberattack
In light of St. Paul's recent cyberattack, we asked the MN Cyber Institute's executive director to explain where systems fail.
July 31, 2025 07:00 AM
St. Paul cyber attack exposed what isn’t yet fixed in Minnesota
Minnesota has the right people, deep technical knowledge and years of leadership in securing critical infrastructure.
July 31, 2025 07:00 AM
Gov. Walz activates Minnesota National Guard to aid St. Paul after cyberattack
Gov. Tim Walz has activated the Minnesota National Guard to assist St. Paul in responding to a cyberattack on the capital city on Tuesday.
July 30, 2025 07:00 AM
Minnesota Activates National Guard in Response to Cyberattack
Minnesota Governor Tim Walz called in the National Guard to assist the City of Saint Paul in responding to a cyberattack.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
UM CyberSecurity History Information
Official Website of University of Minnesota
The official website of University of Minnesota is http://z.umn.edu/9gi.
University of Minnesota’s AI-Generated Cybersecurity Score
According to Rankiteo, University of Minnesota’s AI-generated cybersecurity score is 778, reflecting their Fair security posture.
How many security badges does University of Minnesota’ have ?
According to Rankiteo, University of Minnesota currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has University of Minnesota been affected by any supply chain cyber incidents ?
According to Rankiteo, University of Minnesota has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does University of Minnesota have SOC 2 Type 1 certification ?
According to Rankiteo, University of Minnesota is not certified under SOC 2 Type 1.
Does University of Minnesota have SOC 2 Type 2 certification ?
According to Rankiteo, University of Minnesota does not hold a SOC 2 Type 2 certification.
Does University of Minnesota comply with GDPR ?
According to Rankiteo, University of Minnesota is not listed as GDPR compliant.
Does University of Minnesota have PCI DSS certification ?
According to Rankiteo, University of Minnesota does not currently maintain PCI DSS compliance.
Does University of Minnesota comply with HIPAA ?
According to Rankiteo, University of Minnesota is not compliant with HIPAA regulations.
Does University of Minnesota have ISO 27001 certification ?
According to Rankiteo,University of Minnesota is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of University of Minnesota
University of Minnesota operates primarily in the Higher Education industry.
Number of Employees at University of Minnesota
University of Minnesota employs approximately 27,883 people worldwide.
Subsidiaries Owned by University of Minnesota
University of Minnesota presently has no subsidiaries across any sectors.
University of Minnesota’s LinkedIn Followers
University of Minnesota’s official LinkedIn profile has approximately 529,314 followers.
NAICS Classification of University of Minnesota
University of Minnesota is classified under the NAICS code 6113, which corresponds to Colleges, Universities, and Professional Schools.
University of Minnesota’s Presence on Crunchbase
No, University of Minnesota does not have a profile on Crunchbase.
University of Minnesota’s Presence on LinkedIn
Yes, University of Minnesota maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/university-of-minnesota.
Cybersecurity Incidents Involving University of Minnesota
As of January 23, 2026, Rankiteo reports that University of Minnesota has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
University of Minnesota has an estimated 15,170 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at University of Minnesota ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does University of Minnesota detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with outside forensics specialists, and and communication strategy with providing options to prevent exploitation of personal information and alerting impacted individuals..
Incident Details
Can you provide details on each incident ?
Title: University of Minnesota Data Breach
Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the 'U' hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.
Date Detected: July 2021
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
Which entities were affected by each incident ?
Incident : Data Breach UNI84623823
Entity Name: University of Minnesota
Entity Type: Educational Institution
Industry: Education
Location: Minnesota, USA
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach UNI84623823
Third Party Assistance: Outside Forensics Specialists.
Communication Strategy: Providing options to prevent exploitation of personal information and alerting impacted individuals
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Outside forensics specialists, .
References
Where can I find more information about each incident ?
Incident : Data Breach UNI84623823
Source: University of Minnesota
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: University of Minnesota.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach UNI84623823
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Providing options to prevent exploitation of personal information and alerting impacted individuals.
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Outside Forensics Specialists, .
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on July 2021.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was outside forensics specialists, .
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is University of Minnesota.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
Azure Entra ID Elevation of Privilege Vulnerability
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.
Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=university-of-minnesota' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
