Ransomware victim disclosure
← All victimsMiami University
Claimed by Nokoyawa · listed 3 years ago
Status timeline
- ListedMay 23, 2023
- Data leakeddate unknown
At a glance
- Group
- Nokoyawa
- Status
- Data leaked
- Country
- United States
- Sector
- Education
- Listed on leak site
- May 23, 2023
About the victim
AI dossier — public-source company profileMiami University is a public research university founded in 1809 and located in Oxford, Ohio. It is consistently ranked among the top public universities in the United States, offering undergraduate, graduate, and online programs across multiple campuses including Oxford, regional campuses, and a Luxembourg campus. It serves tens of thousands of students and is recognized for undergraduate teaching excellence and career outcomes.
- Industry
- Higher Education
- Address
- 501 E High St, Oxford, Ohio 45056, United States
- Employees
- 1001-5000
- Founded
- 1809
Attack summary
Severity: critical — Miami University is a large public university whose systems likely contain regulated PII at scale, including student records (FERPA-protected), employee records, and potentially health and financial data for tens of thousands of individuals; data has been confirmed published by the threat actor.The Nokoyawa ransomware group claims to have attacked Miami University and has published data, indicating exfiltration of university data; the post does not specify an encryption event or ransom demand, but the disclosed status confirms data has been released.
Data the group says was taken
AI dossier — extracted from the leak post- University administrative records
- Student data
- Faculty and staff records
- Financial records
- Research data
What the group claims
Established in 1809, Miami University is consistently ranked among the top 50 national public universities by the U.S. News & World Report for providing students with an Ivy League-quality education at a public-school price. Located in quintessential college town Oxford, Ohio-with...
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

