Harvard University Faces Cyberattack Targeting Affiliates via IT Impersonation

Severity: High (Score: 66.0)

Sources: Thecrimson, Edscoop

Summary

Harvard University is currently dealing with an active cybersecurity threat where attackers are impersonating IT staff to gain access to sensitive information. The attackers are contacting university affiliates through direct communication, urging them to join fraudulent phone calls or visit fake websites that mimic official Harvard login pages. Michael Tran Duff, Harvard's Chief Information Security and Data Privacy Officer, issued a warning to affiliates to remain vigilant and avoid engaging with unsolicited communications. This incident is part of a broader trend of similar social engineering attacks affecting other institutions, including the University of Pennsylvania. Harvard has previously faced cybersecurity incidents, including a breach by the Clop cybercrime group and a phone-based phishing attack that compromised donor information. Affiliates are advised to report any suspicious activity immediately to enhance the university's response capabilities. The situation remains active and requires heightened awareness among all university members. Key Points: • Harvard is experiencing a targeted cyberattack impersonating IT staff. • Attackers are using fraudulent websites and phone calls to steal login credentials. • Similar attacks have been reported at other institutions, indicating a broader threat.

Key Entities

• Data Breach (attack_type)
• Phishing (attack_type)
• Annenberg School (company)
• Harvard University (company)
• University of Pennsylvania (company)
• Education (company)
• T1566.002 - Spearphishing Link (mitre_attack)
• Oracle E-business Suite (platform)