- Harvard claims its corporate and alumni development systems were hacked
- The university says the voice phishing attack is to blame
- Personal information was exposed, but financial information or passwords were not affected
Harvard University has confirmed that some of its systems were compromised in a recent cyber attack that exposed the personal information of past and present students, employees and donors.
In a breach notification, the prestigious Ivy League university said a phishing attack gave hackers access to its alumni assets and development systems.
This included leaking information about alumni, donors, some faculty and staff, and some current students, which also involved the spouses, partners, and parents of current and former students and alumni.
Attack on Harvard
“On Tuesday, November 18, 2025, Harvard University determined that an unauthorized person gained access to information systems used by Alumni Affairs and Development following a phishing attack,” the letter said. he said.
“The University has taken immediate steps to block the attacker’s access to our systems and prevent future unauthorized access. We are writing to alert you that your information may have been accessed so that you can be notified of unusual communications claiming to be from the University.”
Harvard said the compromised data included email addresses, phone numbers, home and work addresses, event attendance records, donation data and “biographical information related to the university’s alumni engagement and fundraising activities.”
Fortunately, the affected computer systems did not contain social security numbers, passwords, payment card details or financial information.
But even if only “basic” data were made public, cybercriminals would have enough to carry out destructive attacks, the university warned, adding that it is working with law enforcement and outside cybersecurity experts to investigate the incident.
By knowing people’s full names, addresses and university affiliations, they can create convincing phishing emails and trick victims into revealing their credentials or even making fraudulent payments.
Harvard has asked potentially affected individuals to be alert to unusual or suspicious phone calls, texts or emails that appear to come from the university, especially those asking to reset passwords or sensitive information.
It is the third elite American university to have been attacked in recent weeks. Princeton University and the University of Pennsylvania have also recently disclosed data breaches involving donor information.
IN BeepTeam