- Harvard says Alumni Affairs and Development systems were breached
- A voice phishing attack was to blame, according to the University
- Personal data exposed, but no financial information or passwords were affected.
Harvard University has confirmed that some of its systems were compromised in a recent cyberattack in which personal data of past and present students, staff, and donors was exposed.
In a data breach notification letter, the prestigious Ivy League University said a voice phishing attack allowed hackers to access its Development and Alumni Affairs systems.
This led to information about alumni, donors, some faculty and staff, and some current students being breached, and spouses, partners, and parents of alumni, as well as current and former students, were also affected.
Attack on Harvard
“On Tuesday, November 18, 2025, Harvard University discovered that an unauthorized party accessed information systems used by Alumni Affairs and Development as a result of a telephone phishing attack,” the letter said.
“The University acted immediately to remove the attacker’s access to our systems and prevent further unauthorized access. We are writing to inform you that your information may have been accessed and so that you can be alert for any unusual communications purporting to come from the University.”
Harvard said the compromised data included email addresses, phone numbers, home and business addresses, event attendance records, donation details, and “biographical information related to the University’s fundraising and alumni engagement activities.”
Fortunately, the affected IT systems did not contain Social Security numbers, passwords, payment card information, or financial information.
However, even with just “basic” data exposed, cybercriminals will have enough to launch destructive attacks, the university warned, adding that it is working with authorities and outside cybersecurity experts to investigate the incident.
By knowing people’s full names, addresses, and university connections, they can create convincing phishing emails, trick victims into sharing their login credentials, or even make fraudulent payments.
Harvard has urged potentially affected individuals to be alert for unusual or suspicious calls, text messages or emails claiming to be from the university, particularly those requesting reset passwords or sensitive information.
This news marks the third American Ivy League university to be attacked in recent weeks, with Princeton University and the University of Pennsylvania also recently revealing data breaches related to donor information.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
