On March 22, 2025, New York University’s (NYU) website was compromised for approximately two hours. The hacker, known as “@bestn-gy” on social media, replaced the homepage with charts displaying alleged SAT and ACT scores, as well as GPAs for the 2024 admissions cycle, segmented by race.
The page also featured a message referencing the Supreme Court’s June 2023 ruling that deemed racial affirmative action in college admissions illegal, stating, “On June 29, 2023, racial affirmative action in college admissions was ruled illegal. Computer N-gy Exploitation (CNE) reveals NYU continued anyway.”
The compromised page included downloadable files purportedly containing data on over 3 million applicants, detailing names, test scores, majors, zip codes, and family and financial aid information dating back to 1989.
The hacker claimed that this data was sourced directly from NYU’s data warehouse. It’s important to note that the authenticity of this data has not been confirmed.
NYU’s IT team responded promptly, halting the redirection and restoring the website to its normal state by 12:54 p.m. The university reported the incident to law enforcement and is reviewing its security measures to prevent future breaches.
This incident raises concerns about the security of personal data at academic institutions and highlights ongoing debates regarding race-sensitive admissions practices. As investigations continue, it’s advisable to stay informed through official NYU communications and trusted news sources.