On March 25, 2025, Lee University filed a notice of data breach with the Attorney General of New Hampshire after discovering that an unauthorized party was able to access information that had been provided to the institution. In this notice, Lee University explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information. Upon completing its investigation, Lee University began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from Lee University, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Lee University data breach. For more information, please see our recent piece on the topic here.
What Caused the Lee University Data Breach?
The Lee University data breach was only recently announced, and more information is expected in the near future. However, Lee University’s filing with the Attorney General of New Hampshire provides some important information on what led up to the breach. Lee University also posted a website notice discussing the incident.
According to these sources, in March 2024, Lee University experienced a data security incident that impacted the school’s computer network. In response, Lee University contained the incident and then launched an investigation with the help of third-party cybersecurity experts.
Through this investigation, Lee University confirmed that an unauthorized party was able to exploit a vulnerability in third-party software used by the University. The investigation also revealed that, as a result of the incident, the unauthorized party gained access to and downloaded confidential information belonging to certain individuals.
After learning that sensitive consumer data was accessible to an unauthorized party, Lee University reviewed the compromised files to determine what information was leaked and which consumers were impacted. In March 2025, Lee University completed this process. Unfortunately, the publicly available data breach letter on the New Hampshire Attorney General’s website doesn’t mention the type of information that was compromised; however, on March 25, 2025, Lee University sent out personalized data breach letters to those affected by the incident. These personalized letters should provide victims with a list of what information belonging to them was compromised.
More Information About Lee University
Lee University is a private Christian university located in Cleveland, Tennessee, offering a wide range of undergraduate, graduate, and online degree programs across disciplines such as liberal arts, education, business, music, and religion. Affiliated with the Church of God, the university emphasizes academic excellence, spiritual development, and global service. Known for its close-knit campus community and faith-based learning environment, Lee University serves a diverse student body. The organization employs approximately 1,758 people and generates an estimated $303 million in annual revenue.
