The University of Rochester announced it is investigating a data breach.

The U of R says the breach was caused by a software vulnerability in a product provided by a third-party file transfer company used across the campus. The university says the breach has affected both the school and about 2,500 organizations worldwide.

The university says it's working with the Federal Bureau of Investigation and data professionals to learn what was seen and how many people were affected. This potentially includes students, faculty, staff and dependents.

“The University takes your privacy and the safeguarding of our data and systems extremely seriously and our University IT staff is working closely with the FBI and an outside data forensic firm to determine what information was compromised and what possible actions need to be taken,” the university said in a statement on its website. “At this time, we believe faculty, staff, and students could be impacted, but we do not yet know the full scope of the impact to University community members or which personal data was accessed, as the investigation is ongoing. We will provide updates as soon as available.”

The U of R asks anyone who may be affected to protect their personal information by changing their passwords, using multi-factor authentication and checking their personal banking statements.