- Attacker accessed university systems through compromised SSO and stole data from 1.2 million people
- Offensive Mass Email Sent After Ban Using Retained Access to Salesforce Marketing Cloud
- The stolen data includes PII, financial and demographic; Attacker targets wealthy donors, no ransom planned
Cybercriminals have claimed responsibility for the recent cyberattack on the University of Pennsylvania, claiming they stole data from approximately 1.2 million students, alumni and donors.
An anonymous threat actor said beepcomputer gained “full access” to a University employee’s PennKey SSO account, which gave them access to Penn’s VPN, Salesforce data, the Qlik analytics platform, SAP’s business intelligence system, and SharePoint files.
The stolen information allegedly includes people’s names, dates of birth, addresses, phone numbers, estimated net worth, donation history, and demographic details (race, religion, sexual orientation, and the like).
Offensive emails
The confirmation came in response to the University’s claims, which somewhat downplayed the severity of the hit.
The data breach appears to have taken place around October 30 and 31, after which the University detected the intrusion and expelled the attacker. The move appears to have angered them, as they then used access to Salesforce Marketing Cloud (which they retained) to send an offensive email to approximately 700,000 recipients.
“The University of Pennsylvania is an elitist institution full of mentally retarded people. We have terrible security practices and are not at all meritocratic,” the email said.
“We hire and admit morons because we love legacies, donors, and unconditional affirmative action. We love violating federal laws like FERPA (all your data will be leaked) and Supreme Court rulings like SFFA.”
The University of Pennsylvania described the emails as “obviously false” and “fraudulent.”
The attackers then confirmed that they will not ask for a ransom payment from the University, as they do not believe the victims would pay anyway. “The main target was their enormous and wonderfully rich database of donors,” they said.
It would seem that they will now try to target donors.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
