Mount Royal University hit by ransomware with data theft and extortion demand
Mount Royal University in Calgary confirmed a ransomware cyberattack on June 17, 2026, in which an unauthorized actor exfiltrated data from the university's H drive file storage and wiped the original copies. The threat group CMD Organization claimed responsibility, listed the university on its auction-style extortion site, and demanded 30 BTC (~$1.9 million). The incident disrupted online services and internal systems; the university has reported to the Alberta Information and Privacy Commissioner and law enforcement, and is offering two years of credit monitoring to current and recent employees. Recovery is expected to take weeks to months.
AI-generated from linked source reports. See our correction policy.
Impact verdict
Low impact. Single public-university ransomware event with data exfiltration, system wiping, and a stated ~$1.9 million ransom demand. Realised insured loss is likely dominated by incident response, forensic, notification, credit monitoring, and business interruption costs, which for a single institution of this profile typically fall below the USD 100 million threshold. No evidence of multi-institution disruption, vendor compromise, or systemic aggregation risk. Potential impact remains LOW.
View assessment methodologyPremium discovery tier
Unlock analyst briefs, intelligence depth, and the revision timeline
Public pages show event facts and a short lead-in. Premium accounts unlock analyst briefs, deeper intelligence, loss context, and the full revision history for this event.
Start two-week trialAffected countries
Lloyd's classifications
Tracking this kind of risk? Get an email when Cyber events escalate.
Get alerts