Hackers Post Records On Leak Site
A hacking group known as ShinyHunters said it was responsible for last year’s data breaches at Harvard University and the University of Pennsylvania and has published what it claims are stolen records from both schools, placing the material on a leak site the group uses to pressure victims.
On Wednesday, ShinyHunters published what it said were more than one million records from each university. The group said it released the data after the schools refused to pay a ransom. Cybercriminal groups often demand payment in exchange for not publishing stolen information and release the material when victims decline.
Details Of The UPenn And Harvard Incidents
In November, the University of Pennsylvania confirmed a breach involving what it described as a select group of systems tied to development and alumni activities. At the time, hackers also sent emails to alumni from official university addresses announcing the intrusion. The university said the attack involved social engineering, a method that relies on impersonation or deception to trick people into taking actions they would not normally take.
On its breach disclosure page, which has since been taken offline, UPenn did not specify exactly what data was taken, saying only that systems linked to development and alumni activities were accessed. TechCrunch said it verified part of the dataset by checking it with alumni and public records, including matching information against student ID numbers.
Later in November, Harvard University also confirmed a breach affecting its alumni systems. The university said the incident stemmed from a voice phishing attack, a method in which attackers use phone calls to persuade targets to click on links or open attachments. The hackers told TechCrunch the intrusions were part of phishing campaigns that targeted Okta and single sign-on providers.
Harvard said the stolen information included email addresses, phone numbers, home and business addresses, event attendance records, donation details, and other biographical data linked to fundraising and alumni engagement. TechCrunch said the data posted by ShinyHunters appears to match the categories of information both universities said were taken.
Ransom Claims And Political Language
ShinyHunters said it published the data because the universities declined to pay. During the UPenn breach, the hackers sent an email to alumni that included language critical of affirmative action policies, writing that the university hired and admitted people because of legacies, donors, and affirmative action. The group is not known for political motives and did not respond to questions about why that language was included.
University Response
Penn spokesperson Ron Ozio told TechCrunch that the university is analyzing the data and will notify individuals if required under applicable privacy regulations.
Featured image credits: Flickr
For more stories like it, click the +Follow button at the top of this page to follow us.