Harvard University revealed that it was the victim of a network and IT systems breach on June 19, which has impacted eight different schools and administrative organizations under the purview of the university, according to a report at TechCrunch.
The schools affected by the breach include:
- The Faculty of Arts and Sciences
- Harvard Divinity School
- Radcliffe Institute for Advanced Study
- Harvard Graduate School of Education
- Central Administration
- Harvard T.H Chan School of Public Health
- Harvard John A. Paulson School of Engineering and Applied Sciences.
- Graduate School of Design
The complete list of affected institutions can be found here.
The breach and aftermath
Harvard set up a separate website to reveal the news of the breach publicly. The 17th century University insisted that it did not announce the breach until now because efforts to enhance IT systems’ security could not be jeopardized.
“On June 19, Harvard discovered an intrusion on the Faculty of Arts and Sciences and Central Administration information technology networks,” the website’s “Cyber Alert” confirms. “Since discovering this intrusion, Harvard has been working with external information security experts and federal law enforcement to investigate the incident, protect the information stored on our systems, and strengthen IT environments across the University.
Faculty and students affiliated with the eight affected schools have been advised to change their passwords and update security protocols across every device used to sync to Harvard accounts. This is seen as a precautionary measure by the University who stress that their cybersecurity team who undertook a comprehensive data breach response procedure have found no evidence of emails and personal data being compromised.
“At this time, we have no indication that research data or personal data managed by Harvard systems (e.g. social security numbers) have been exposed. There is no indication that PIN credentials, used to access University systems and web resources, have been exposed,” confirmed the University’s Information Security Team in a series of frequently asked questions (FAQs) posted on Harvard’s IT security portal.
Universities are targets
Harvard isn’t the first university of higher and graduation education to be hacked and this isn’t the first time Harvard has been hacked either. Significant incidents include:
- Recently, a pro-Palestinian group called AnonGhost claimed responsibility for hacking and breaching Harvard’s Institution of Politics website.
- It was merely 3 years ago when Team GhostShell (a hacktivist group) laid claim to hacking over a 100 universities’ systems and websites, including that of Harvard.
- Two separate attacks targeted Rutgers University earlier this spring.
- Pennsylvania State University was the victim of a cyber-attack that took place merely months ago in May.
- Network and IT systems at Johns Hopkins and the University of Maryland were breached last year.
Privacy Rights Clearinghouse, a nonprofit corporation revealed in a study that universities and institutions are now common targets for breaches by attackers, surpassing the overall global growth in attacks.