In an age where institutions of higher education constantly fall under the threat of cyber attacks, it is imperative that cyber security be taken seriously. In order to protect students, faculty, and staff, institutions must understand the risks associated with providing student data to organizations that do not practice good cyber hygiene. McGraw Hill, a higher education publishing company, was involved in a privacy breach that exposed thousands of files containing student data. Third-party breaches, such as this, can pose a major threat to universities and those whose data the university holds.