Hackers publish personal information stolen during Harvard, UPenn data breaches
#ShinyHunters #Harvard University #University of Pennsylvania #Data Breach #Cybercrime #Extortion #Alumni Data #Social Engineering
📌 Key Takeaways
- ShinyHunters claimed responsibility for hacking Harvard and UPenn, publishing over one million records from each institution.
- The hackers initially sent emails to alumni from official university addresses, claiming political motives related to affirmative action.
- Both universities confirmed breaches in November 2023, attributing them to social engineering and voice phishing.
- The published data matches the types of information reported as stolen, including email addresses and donation details.
- UPenn is analyzing the data and will notify affected individuals if required by privacy regulations.
📖 Full Retelling
The cybercrime group ShinyHunters claimed responsibility for hacking Harvard University and the University of Pennsylvania (UPenn) in November 2023, publishing over one million records from each institution on their extortion website. On Wednesday, the group released the stolen data, which included sensitive information from alumni and development systems. Both universities had previously confirmed breaches, with UPenn attributing the attack to social engineering and Harvard to a voice phishing scam. The hackers initially sent emails to alumni from official university addresses, claiming political motives related to affirmative action policies, though ShinyHunters is not known for political activism. The published data matches the types of information both universities reported as stolen, including email addresses, phone numbers, and donation details. The hackers stated they released the data because the universities refused to pay a ransom. UPenn spokesperson Ron Ozio confirmed the university is analyzing the data and will notify affected individuals if required by privacy regulations. Harvard did not respond to requests for comment. TechCrunch verified portions of the data by cross-referencing it with alumni records and public documents.
🏷️ Themes
Cybercrime, Data Breach, Extortion, Education
Entity Intersection Graph
No entity connections available yet for this article.