Harvard University Faces Cyberattack Targeting Affiliates via IT Impersonation

Harvard University Faces Cyberattack Targeting Affiliates via IT Impersonation

First seen 6 Apr 2026, 17:29 UTC ThecrimsonEdscoop 83% similarity 66.0

Article Content

Browse articles
ThreatCluster

Harvard University is currently dealing with an active cybersecurity threat where attackers are impersonating IT staff to gain access to sensitive information. The attackers are contacting university affiliates through direct communication, urging them to join fraudulent phone calls or visit fake websites that mimic official Harvard login pages. Michael Tran Duff, Harvard's Chief Information Security and Data Privacy Officer, issued a warning to affiliates to remain vigilant and avoid engaging with unsolicited communications. This incident is part of a broader trend of similar social engineering attacks affecting other institutions, including the University of Pennsylvania. Harvard has previously faced cybersecurity incidents, including a breach by the Clop cybercrime group and a phone-based phishing attack that compromised donor information. Affiliates are advised to report any suspicious activity immediately to enhance the university's response capabilities. The situation remains active and requires heightened awareness among all university members.

Key Points: • Harvard is experiencing a targeted cyberattack impersonating IT staff. • Attackers are using fraudulent websites and phone calls to steal login credentials. • Similar attacks have been reported at other institutions, indicating a broader threat.

ThreatCluster AI

Timeline

2026-04-03
Harvard issues warning about ongoing cybersecurity threat.
2026-04-06
Edscoop reports on Harvard's cybersecurity threat.
Recent
University of Pennsylvania warns of similar attacks.

Community

Browse all →