Virtual Event Today: Cloud & Data Security Summit - Join Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Alumni, Student, and Staff Information Stolen From Harvard University

A phone phishing attack led to the compromise of a system containing information about alumni, donors, students, staff, and other individuals.

Harvard hack

Harvard University over the weekend disclosed a data breach impacting the personal information of alumni, donors, students, parents, staff, and other individuals.

The incident was discovered on November 18 and involved unauthorized access to systems used by its Alumni Affairs and Development department, the higher-education institution said in a Saturday notice.

Harvard said that it immediately blocked the attacker’s access to the impacted systems and that it launched an investigation in collaboration with third-party cybersecurity experts and law enforcement.

“We are continuing to closely monitor and have no evidence of further unauthorized access,” the university said on Saturday.

The potentially compromised information, Harvard said, includes data related to fundraising and alumni engagement activities, such as addresses, email addresses, phone numbers, donation details, event attendance, and other biographical information.

“The information systems that were accessed do not generally contain Social Security numbers, passwords, payment card information, or financial account numbers,” the institution said.

Advertisement. Scroll to continue reading.

Potentially impacted individuals, it said, include alumni, alumni spouses and partners, widows and widowers of alumni, current students, parents of current and former students, donors, and faculty and staff.

On November 22, Harvard sent email notifications to the potentially affected people who had an email address in the compromised systems, noting that the scope and impact of the data breach are yet to be determined.

The university did not say how many individuals may have had their personal information compromised, but said that it would share additional information on the incident as its investigation progresses.

Mirroring a similar intrusion suffered by Princeton University a week before, the data breach was the result of a phone phishing attack.

Harvard University is also one of the many victims of the recent Oracle E-Business Suite hacking campaign

Related: Major US Banks Impacted by SitusAMC Hack

Related: Columbia University Data Breach Impacts 860,000

Related: Texas Tech University Data Breach Impacts 1.4 Million People

Related: University System of Georgia Says 800,000 Impacted by MOVEit Hack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

N-able has appointed Russell Rosa as Chief Revenue Officer.

Stacy O'Mara has joined Armadin as Chief Policy Officer and Director of Global Government Affairs.

F5 has appointed Cathy Peterman as Chief People Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.