Princeton University discovered a data breach exposing the personal information of alums, donors, faculty, staff members, and students. On November 10, threat actors targeted an employee in a phishing attack, compromising a database that contained biographical information related to the University’s fundraising and alums engagement activities. The threat actors were blocked less than 24 hours later and were unable to access other systems. Compromised information may include names, email addresses, telephone numbers, and home and business addresses. Officials noted that the database did not contain passwords, Social Security numbers, credit card information, or bank account records. Princeton University sent notifications on November 15 to all individuals with a valid email address in its database. The NJCCIC recommends that affected individuals review the Compromised PII and Identity Theft NJCCIC Informational Report.