Badge
11,371 badges added since 01 January 2025
ISO 27001 Certificate
SOC 1 Type I Certificate
SOC 2 Type II Certificate
PCI DSS
HIPAA
RGPD
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

One of the nation’s largest schools, the University of Minnesota offers baccalaureate, master’s, and doctoral degrees in virtually every field—from medicine to business, law to liberal arts, and science and engineering to architecture. The University of Minnesota system is made up of five campuses in Minnesota including Crookston, Duluth, Morris, Rochester, and the Twin Cities (Minneapolis/St. Paul). University of Minnesota Extension provides outreach and education services to Minnesota's communities through science-based knowledge, expertise and training. The University of Minnesota was recognized by Forbes in 2018 in the Best Employer, Best Employer for Diversity, and Best Employer for New Grads categories.

University of Minnesota A.I CyberSecurity Scoring

UM

Company Details

Linkedin ID:

university-of-minnesota

Employees number:

27,883

Number of followers:

529,314

NAICS:

6113

Industry Type:

Higher Education

Homepage:

umn.edu

IP Addresses:

1140

Company ID:

UNI_3156784

Scan Status:

Completed

AI scoreUM Risk Score (AI oriented)

Between 750 and 799

https://images.rankiteo.com/companyimages/university-of-minnesota.jpeg
UM Higher Education
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreUM Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/university-of-minnesota.jpeg
UM Higher Education
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

UM Company CyberSecurity News & History

Past Incidents
1
Attack Types
1
EntityTypeSeverityImpactSeenBlog DetailsSupply Chain SourceIncident DetailsView
University of MinnesotaBreach10057/2021NA
Rankiteo Explanation :
Attack threatening the organization’s existence

Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the "U" hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.

University of Minnesota
Breach
Severity: 100
Impact: 5
Seen: 7/2021
Blog:
Supply Chain Source: NA
Rankiteo Explanation
Attack threatening the organization’s existence

Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the "U" hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.

Ailogo

UM Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

🔒
Incident Predictions locked
Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

🔒
A.I. Risk Score Predictions locked
Access Monitoring Plan
statics

Underwriter Stats for UM

Incidents vs Higher Education Industry Average (This Year)

No incidents recorded for University of Minnesota in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for University of Minnesota in 2026.

Incident Types UM vs Higher Education Industry Avg (This Year)

No incidents recorded for University of Minnesota in 2026.

Incident History — UM (X = Date, Y = Severity)

UM cyber incidents detection timeline including parent company and subsidiaries

UM Company Subsidiaries

SubsidiaryImage

One of the nation’s largest schools, the University of Minnesota offers baccalaureate, master’s, and doctoral degrees in virtually every field—from medicine to business, law to liberal arts, and science and engineering to architecture. The University of Minnesota system is made up of five campuses in Minnesota including Crookston, Duluth, Morris, Rochester, and the Twin Cities (Minneapolis/St. Paul). University of Minnesota Extension provides outreach and education services to Minnesota's communities through science-based knowledge, expertise and training. The University of Minnesota was recognized by Forbes in 2018 in the Best Employer, Best Employer for Diversity, and Best Employer for New Grads categories.

Loading...
similarCompanies

UM Similar Companies

University of California, San Francisco

UC San Francisco is driven by the idea that when the best research, the best education and the best patient care converge, great breakthroughs are achieved. We pursue this integrated excellence with singular focus, fueled by collaboration among our top-ranked professional and graduate schools, medic

Virginia Tech

Dedicated to its motto, Ut Prosim (That I May Serve), Virginia Tech takes a hands-on, engaging approach to education, preparing scholars to be leaders in their fields and communities. As the commonwealth’s most comprehensive university and its leading research institution, Virginia Tech offers 215 u

Galileo Global Education

Galileo Global Education, world leader in independent higher education with 210,000 students, 61 schools and 106 campuses in 18 countries, placed employability and innovation at the heart of its strategy for 15 years. Galileo Global Education's mission is to enable everyone, regardless of their star

University of Ottawa

À l’Université d’Ottawa, la plus grande université bilingue au monde, la population étudiante peut choisir d’étudier en français, en anglais, ou dans les deux langues. Située au cœur de la capitale du Canada, pays du G8, notre université jouit d’un accès direct aux plus grandes institutions du pays.

University of Houston

Founded in 1927, the University of Houston is the leading public research university in the vibrant international city of Houston. Each year, we educate more than 47,000 students in more than 250 undergraduate and graduate academic programs, on campus and online. UH awards over 10,000 degrees annual

University of Louisville

The University of Louisville is a state supported research university located in Kentucky's largest metropolitan area. It was a municipally supported public institution for many decades prior to joining the university system in 1970. The University has three campuses. The 287-acre Belknap Campus is

Brown University

Located in historic Providence, Rhode Island and founded in 1764, Brown University is the seventh-oldest college in the United States. Brown is an independent, coeducational Ivy League institution comprising undergraduate and graduate programs, plus the Alpert Medical School, School of Public Health

Virginia Commonwealth University

We’re Virginia Commonwealth University — the university FOR Virginia. You will see an incredible mix of attitudes, styles and stories. Inclusion is our heartbeat and it drives us to tackle difficult challenges others can’t or won’t. We do things differently here, because we know that different w

Florida International University

FIU is Miami's public research university. Offering bachelor's, master's and doctoral degrees, both on campus and fully online. Designated a Preeminent State Research University, FIU emphasizes research as a major component in the university's mission. For more than 50 years, FIU has positioned

newsone

UM CyberSecurity News

January 10, 2026 11:24 PM
Top University of Minnesota grads are ‘at least as good, maybe better’ than the best and brightest from Harvard, former Goldman Sachs CEO says

When Lloyd Blankfein was CEO of Goldman Sachs, thousands of newly minted graduates from top universities joined the ranks of the investment...

December 25, 2025 10:53 PM
$5M University of Minnesota data breach class action settlement

The University of Minnesota data breach $5 million class action settlement will benefit individuals whose personal information was compromised in a 2021...

December 04, 2025 08:00 AM
NCAA-Bound Stags Volleyball Wins Third Consecutive MAAC Championship

Fairfield Volleyball has won a league-best 15 conference titles and will play at Minnesota in the NCAA first round.

September 12, 2025 07:00 AM
Metro State connects students to cybersecurity experts at first-ever colloquium on campus

SAINT PAUL, Minn. — When you work in security and intelligence, keeping secrets is a part of the job, but at Metro State University,...

September 10, 2025 07:00 AM
Metro State University hosts free cybersecurity community event: 'Think Safe Be Safe'

n response to a wave of recent cyberattacks that have disrupted city services and raised alarms across Twin Cities, Metro State University...

August 06, 2025 07:00 AM
Guarding Against the Next Cyberattack

In light of St. Paul's recent cyberattack, we asked the MN Cyber Institute's executive director to explain where systems fail.

July 31, 2025 07:00 AM
St. Paul cyber attack exposed what isn’t yet fixed in Minnesota

Minnesota has the right people, deep technical knowledge and years of leadership in securing critical infrastructure.

July 31, 2025 07:00 AM
Gov. Walz activates Minnesota National Guard to aid St. Paul after cyberattack

Gov. Tim Walz has activated the Minnesota National Guard to assist St. Paul in responding to a cyberattack on the capital city on Tuesday.

July 30, 2025 07:00 AM
Minnesota Activates National Guard in Response to Cyberattack

Minnesota Governor Tim Walz called in the National Guard to assist the City of Saint Paul in responding to a cyberattack.

faq

Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

UM CyberSecurity History Information

Official Website of University of Minnesota

The official website of University of Minnesota is http://z.umn.edu/9gi.

University of Minnesota’s AI-Generated Cybersecurity Score

According to Rankiteo, University of Minnesota’s AI-generated cybersecurity score is 778, reflecting their Fair security posture.

How many security badges does University of Minnesota’ have ?

According to Rankiteo, University of Minnesota currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has University of Minnesota been affected by any supply chain cyber incidents ?

According to Rankiteo, University of Minnesota has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does University of Minnesota have SOC 2 Type 1 certification ?

According to Rankiteo, University of Minnesota is not certified under SOC 2 Type 1.

Does University of Minnesota have SOC 2 Type 2 certification ?

According to Rankiteo, University of Minnesota does not hold a SOC 2 Type 2 certification.

Does University of Minnesota comply with GDPR ?

According to Rankiteo, University of Minnesota is not listed as GDPR compliant.

Does University of Minnesota have PCI DSS certification ?

According to Rankiteo, University of Minnesota does not currently maintain PCI DSS compliance.

Does University of Minnesota comply with HIPAA ?

According to Rankiteo, University of Minnesota is not compliant with HIPAA regulations.

Does University of Minnesota have ISO 27001 certification ?

According to Rankiteo,University of Minnesota is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of University of Minnesota

University of Minnesota operates primarily in the Higher Education industry.

Number of Employees at University of Minnesota

University of Minnesota employs approximately 27,883 people worldwide.

Subsidiaries Owned by University of Minnesota

University of Minnesota presently has no subsidiaries across any sectors.

University of Minnesota’s LinkedIn Followers

University of Minnesota’s official LinkedIn profile has approximately 529,314 followers.

NAICS Classification of University of Minnesota

University of Minnesota is classified under the NAICS code 6113, which corresponds to Colleges, Universities, and Professional Schools.

University of Minnesota’s Presence on Crunchbase

No, University of Minnesota does not have a profile on Crunchbase.

University of Minnesota’s Presence on LinkedIn

Yes, University of Minnesota maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/university-of-minnesota.

Cybersecurity Incidents Involving University of Minnesota

As of January 23, 2026, Rankiteo reports that University of Minnesota has experienced 1 cybersecurity incidents.

Number of Peer and Competitor Companies

University of Minnesota has an estimated 15,170 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at University of Minnesota ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

How does University of Minnesota detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with outside forensics specialists, and and communication strategy with providing options to prevent exploitation of personal information and alerting impacted individuals..

Incident Details

Can you provide details on each incident ?

Incident : Data Breach

Title: University of Minnesota Data Breach

Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the 'U' hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.

Date Detected: July 2021

Type: Data Breach

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common types of attacks the company has faced is Breach.

Impact of the Incidents

Which entities were affected by each incident ?

Incident : Data Breach UNI84623823

Entity Name: University of Minnesota

Entity Type: Educational Institution

Industry: Education

Location: Minnesota, USA

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Breach UNI84623823

Third Party Assistance: Outside Forensics Specialists.

Communication Strategy: Providing options to prevent exploitation of personal information and alerting impacted individuals

How does the company involve third-party assistance in incident response ?

Third-Party Assistance: The company involves third-party assistance in incident response through Outside forensics specialists, .

References

Where can I find more information about each incident ?

Incident : Data Breach UNI84623823

Source: University of Minnesota

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: University of Minnesota.

Investigation Status

What is the current status of the investigation for each incident ?

Incident : Data Breach UNI84623823

Investigation Status: Ongoing

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Providing options to prevent exploitation of personal information and alerting impacted individuals.

Post-Incident Analysis

What is the company's process for conducting post-incident analysis ?

Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Outside Forensics Specialists, .

Additional Questions

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on July 2021.

Response to the Incidents

What third-party assistance was involved in the most recent incident ?

Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was outside forensics specialists, .

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent source of information about an incident is University of Minnesota.

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.

cve

Latest Global CVEs (Not Company-Specific)

Description

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Description

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description

Azure Entra ID Elevation of Privilege Vulnerability

Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description

Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.

Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.

Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Access Data Using Our API

SubsidiaryImage

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=university-of-minnesota' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

revertimgrevertimgrevertimgrevertimg
Incident
revertimgrevertimgrevertimgrevertimg
Finding
revertimgrevertimgrevertimgrevertimg
Grade
revertimgrevertimgrevertimgrevertimg
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Top LeftTop RightBottom LeftBottom Right
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
Users Love Us Badge