Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1810+ Articles
149+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. News
  3. Mount Royal University Confirms Breach as Hackers Claim Attack
Mount Royal University Confirms Breach as Hackers Claim Attack
NEWS

Mount Royal University Confirms Breach as Hackers Claim Attack

Mount Royal University in Calgary has confirmed that hackers breached its network, stole data from file storage systems, and subsequently deleted it — leaving the institution scrambling to assess what was taken.

Dylan H.

News Desk

July 9, 2026
3 min read

Mount Royal University (MRU) in Calgary, Alberta has confirmed it suffered a cyberattack in which hackers gained unauthorized access to its network, exfiltrated data from file storage systems, and then deleted the stolen content from university servers — a destructive tactic increasingly used to pressure institutions into paying ransoms.

What Happened

The university disclosed the breach following claims from a hacking group asserting responsibility for the attack. MRU confirmed that data was taken from file storage systems, though the exact scope — including the types of data and number of individuals affected — was not immediately disclosed.

The attacker's playbook of stealing then deleting data mirrors tactics used by groups like Cl0p and others who leverage dual extortion: steal, delete originals, and demand payment to prevent public release.

Impact and Response

Mount Royal University has notified relevant authorities and is working with cybersecurity experts to investigate the full extent of the breach. The university has not confirmed whether personal information of students, faculty, or staff was among the stolen data.

Key concerns for affected individuals include:

  • Stolen academic records — grades, enrollment data, and research material
  • Personal identifiable information (PII) — contact details, student IDs, and financial aid data
  • Institutional research — depending on what was stored in the compromised file shares

MRU has stated it is taking steps to secure its systems and prevent further unauthorized access.

The Growing Threat to Canadian Post-Secondary Institutions

Canadian universities have become frequent targets for cybercriminals. The combination of large stores of personal data, research intellectual property, and often underfunded IT security teams makes them attractive targets.

In recent years, similar attacks have hit institutions across North America, with groups exploiting:

  • Unpatched VPN and remote access vulnerabilities
  • Weak multi-factor authentication enforcement
  • Over-permissioned file share access

What Affected Individuals Should Do

If you are a student, faculty member, or staff at Mount Royal University:

  1. Monitor your accounts for unusual activity, especially email and financial accounts
  2. Watch for phishing attempts — attackers often use stolen email lists for follow-up campaigns
  3. Consider a credit freeze if financial or government ID data may have been involved
  4. Check MRU's official communications for updates on what data was taken and remediation steps

Takeaway

The destroy-after-exfiltration tactic is designed to eliminate backup recovery as an option, maximizing leverage against victims. Until universities invest more heavily in zero-trust architectures, privileged access management, and immutable backups, these attacks will continue to succeed.

MRU joins a growing list of educational institutions learning this lesson the hard way.

#Data Breach#Education#Ransomware#Canada

Related Articles

Third-Party Breaches Teach Education Sector a Costly Lesson in Vendor Risk

Rising third-party breach incidents are forcing schools and universities to play defense as ransomware gangs and supply chain attackers increasingly...

5 min read

Government to Scrutinize Instructure Over Canvas

The House Committee on Homeland Security has demanded a briefing from Instructure, the company behind the Canvas LMS platform, after a ransomware attack...

4 min read

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65 TB Canvas Leak

Educational technology company Instructure, parent of Canvas LMS, has reached an undisclosed 'agreement' with the ShinyHunters extortion group after a...

4 min read
Back to all News