UM
Company Details
Linkedin ID:
university-of-minnesota
Website:
Employees number:
27,883
Number of followers:
529,314
NAICS:
6113
Industry Type:
Homepage:
umn.edu
IP Addresses:
1140
Company ID:
UNI_3156784
Scan Status:
Completed
University of Minnesota Company CyberSecurity Posture
umn.edu
One of the nation’s largest schools, the University of Minnesota offers baccalaureate, master’s, and doctoral degrees in virtually every field—from medicine to business, law to liberal arts, and science and engineering to architecture. The University of Minnesota system is made up of five campuses in Minnesota including Crookston, Duluth, Morris, Rochester, and the Twin Cities (Minneapolis/St. Paul). University of Minnesota Extension provides outreach and education services to Minnesota's communities through science-based knowledge, expertise and training. The University of Minnesota was recognized by Forbes in 2018 in the Best Employer, Best Employer for Diversity, and Best Employer for New Grads categories.
University of Minnesota A.I CyberSecurity Scoring
UM Risk Score (AI oriented)Between 750 and 799
UM
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
UM Global Score (TPRM)XXXX
UM
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
UM Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
University of Minnesota
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the "U" hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.
UM Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for UM
Incidents vs Higher Education Industry Average (This Year)
No incidents recorded for University of Minnesota in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for University of Minnesota in 2026.
Incident Types UM vs Higher Education Industry Avg (This Year)
No incidents recorded for University of Minnesota in 2026.
Incident History — UM (X = Date, Y = Severity)
UM cyber incidents detection timeline including parent company and subsidiaries
UM Company Subsidiaries
One of the nation’s largest schools, the University of Minnesota offers baccalaureate, master’s, and doctoral degrees in virtually every field—from medicine to business, law to liberal arts, and science and engineering to architecture. The University of Minnesota system is made up of five campuses in Minnesota including Crookston, Duluth, Morris, Rochester, and the Twin Cities (Minneapolis/St. Paul). University of Minnesota Extension provides outreach and education services to Minnesota's communities through science-based knowledge, expertise and training. The University of Minnesota was recognized by Forbes in 2018 in the Best Employer, Best Employer for Diversity, and Best Employer for New Grads categories.
Loading...
UM Similar Companies
University of Virginia
The University of Virginia was founded in 1819 as the model for modern universities that has since been emulated all over the world. After 200 years, this iconic institution of higher learning endures because it is fully immersed in meeting the greatest challenges of our time, day in and day out. It
Cornell University
Cornell is a privately endowed research university and a partner of the State University of New York. As the federal land-grant institution in New York State, we have a responsibility—unique within the Ivy League—to make contributions in all fields of knowledge in a manner that prioritizes public en
Arizona State University
ASU has developed a new model for the American research university, creating an institution committed to excellence, access and impact — the New American University. Nationally and internationally acclaimed, ASU ranks among the very best in nearly every critical measurement of student success, out
Università degli Studi di Padova
Established in 1222, the University of Padova is one of Europe’s oldest and most prestigious seats of learning. Here is where Galileo Galilei taught and Elena Lucrezia Cornaro Piscopia became the first woman in the world to receive a university degree. Traditionally a free-thinking and trailblazing
Florida International University
FIU is Miami's public research university. Offering bachelor's, master's and doctoral degrees, both on campus and fully online. Designated a Preeminent State Research University, FIU emphasizes research as a major component in the university's mission. For more than 50 years, FIU has positioned
University of California, San Francisco
UC San Francisco is driven by the idea that when the best research, the best education and the best patient care converge, great breakthroughs are achieved. We pursue this integrated excellence with singular focus, fueled by collaboration among our top-ranked professional and graduate schools, medic
Purdue University
Purdue University is a vast laboratory for discovery. The university is known not only for science, technology, engineering, and math programs, but also for our imagination, ingenuity, and innovation. It’s a place where those who seek an education come to make their ideas real — especially when thos
University of Waterloo
University of Waterloo is a leader in innovation that drives economic and social prosperity for Canada and the world. We are home to a renowned talent pipeline, game-changing research and technology, and unmatched entrepreneurial culture, that together create solutions to tackle today’s and tomorrow
Nanyang Technological University Singapore
A research-intensive public university, Nanyang Technological University, Singapore (NTU Singapore) has 33,000 undergraduate and postgraduate students in the Engineering, Business, Science, Medicine, Humanities, Arts, & Social Sciences, and Graduate colleges. NTU is also home to world-renowned au
.png)
UM CyberSecurity News
January 10, 2026 11:24 PM
Top University of Minnesota grads are ‘at least as good, maybe better’ than the best and brightest from Harvard, former Goldman Sachs CEO says
When Lloyd Blankfein was CEO of Goldman Sachs, thousands of newly minted graduates from top universities joined the ranks of the investment...
December 25, 2025 10:53 PM
$5M University of Minnesota data breach class action settlement
The University of Minnesota data breach $5 million class action settlement will benefit individuals whose personal information was compromised in a 2021...
December 04, 2025 08:00 AM
NCAA-Bound Stags Volleyball Wins Third Consecutive MAAC Championship
Fairfield Volleyball has won a league-best 15 conference titles and will play at Minnesota in the NCAA first round.
September 12, 2025 07:00 AM
Metro State connects students to cybersecurity experts at first-ever colloquium on campus
SAINT PAUL, Minn. — When you work in security and intelligence, keeping secrets is a part of the job, but at Metro State University,...
September 10, 2025 07:00 AM
Metro State University hosts free cybersecurity community event: 'Think Safe Be Safe'
n response to a wave of recent cyberattacks that have disrupted city services and raised alarms across Twin Cities, Metro State University...
August 06, 2025 07:00 AM
Guarding Against the Next Cyberattack
In light of St. Paul's recent cyberattack, we asked the MN Cyber Institute's executive director to explain where systems fail.
July 31, 2025 07:00 AM
St. Paul cyber attack exposed what isn’t yet fixed in Minnesota
Minnesota has the right people, deep technical knowledge and years of leadership in securing critical infrastructure.
July 31, 2025 07:00 AM
Gov. Walz activates Minnesota National Guard to aid St. Paul after cyberattack
Gov. Tim Walz has activated the Minnesota National Guard to assist St. Paul in responding to a cyberattack on the capital city on Tuesday.
July 30, 2025 07:00 AM
Minnesota Activates National Guard in Response to Cyberattack
Minnesota Governor Tim Walz called in the National Guard to assist the City of Saint Paul in responding to a cyberattack.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
UM CyberSecurity History Information
Official Website of University of Minnesota
The official website of University of Minnesota is http://z.umn.edu/9gi.
University of Minnesota’s AI-Generated Cybersecurity Score
According to Rankiteo, University of Minnesota’s AI-generated cybersecurity score is 778, reflecting their Fair security posture.
How many security badges does University of Minnesota’ have ?
According to Rankiteo, University of Minnesota currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has University of Minnesota been affected by any supply chain cyber incidents ?
According to Rankiteo, University of Minnesota has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does University of Minnesota have SOC 2 Type 1 certification ?
According to Rankiteo, University of Minnesota is not certified under SOC 2 Type 1.
Does University of Minnesota have SOC 2 Type 2 certification ?
According to Rankiteo, University of Minnesota does not hold a SOC 2 Type 2 certification.
Does University of Minnesota comply with GDPR ?
According to Rankiteo, University of Minnesota is not listed as GDPR compliant.
Does University of Minnesota have PCI DSS certification ?
According to Rankiteo, University of Minnesota does not currently maintain PCI DSS compliance.
Does University of Minnesota comply with HIPAA ?
According to Rankiteo, University of Minnesota is not compliant with HIPAA regulations.
Does University of Minnesota have ISO 27001 certification ?
According to Rankiteo,University of Minnesota is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of University of Minnesota
University of Minnesota operates primarily in the Higher Education industry.
Number of Employees at University of Minnesota
University of Minnesota employs approximately 27,883 people worldwide.
Subsidiaries Owned by University of Minnesota
University of Minnesota presently has no subsidiaries across any sectors.
University of Minnesota’s LinkedIn Followers
University of Minnesota’s official LinkedIn profile has approximately 529,314 followers.
NAICS Classification of University of Minnesota
University of Minnesota is classified under the NAICS code 6113, which corresponds to Colleges, Universities, and Professional Schools.
University of Minnesota’s Presence on Crunchbase
No, University of Minnesota does not have a profile on Crunchbase.
University of Minnesota’s Presence on LinkedIn
Yes, University of Minnesota maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/university-of-minnesota.
Cybersecurity Incidents Involving University of Minnesota
As of January 23, 2026, Rankiteo reports that University of Minnesota has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
University of Minnesota has an estimated 15,170 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at University of Minnesota ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does University of Minnesota detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with outside forensics specialists, and and communication strategy with providing options to prevent exploitation of personal information and alerting impacted individuals..
Incident Details
Can you provide details on each incident ?
Title: University of Minnesota Data Breach
Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the 'U' hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.
Date Detected: July 2021
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
Which entities were affected by each incident ?
Incident : Data Breach UNI84623823
Entity Name: University of Minnesota
Entity Type: Educational Institution
Industry: Education
Location: Minnesota, USA
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach UNI84623823
Third Party Assistance: Outside Forensics Specialists.
Communication Strategy: Providing options to prevent exploitation of personal information and alerting impacted individuals
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Outside forensics specialists, .
References
Where can I find more information about each incident ?
Incident : Data Breach UNI84623823
Source: University of Minnesota
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: University of Minnesota.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach UNI84623823
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Providing options to prevent exploitation of personal information and alerting impacted individuals.
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Outside Forensics Specialists, .
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on July 2021.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was outside forensics specialists, .
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is University of Minnesota.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
Azure Entra ID Elevation of Privilege Vulnerability
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.
Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=university-of-minnesota' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
