Harvard Warns of Active Cyberattack Impersonating IT Staff and Targeting Affiliates

Source Domain: www.thecrimson.com

Harvard is monitoring an ongoing cybersecurity threat involving individuals impersonating University information technology staff to gain access to accounts and sensitive data, according to a Friday afternoon message to affiliates.

The attackers are contacting affiliates directly — often urging them to join live phone calls or directing them to fraudulent websites designed to mimic official Harvard pages — in an attempt to steal login credentials, according to the email.

Harvard Chief Information Security and Data Privacy Officer Michael Tran Duff wrote that the scam represents “an active and specific cybersecurity threat,” urging affiliates to remain on “high alert.”

Duff cautioned recipients not to engage with unsolicited communications claiming to be from “Harvard IT,” and warned against logging into unfamiliar websites, installing software, or executing commands at a caller’s direction. Legitimate Harvard websites, he noted, will always end in “.edu.”

The alert comes amid a broader wave of similar attacks at peer institutions. On Thursday, officials at the University of Pennsylvania’s Annenberg School warned affiliates of nearly identical “advanced social engineering attacks” involving impersonation and fake university websites.

Harvard’s Friday warning follows a series of recent cybersecurity incidents at the University.

In September, Clop — a Russian-speaking cybercrime group known for exploiting software vulnerabilities and extorting organizations by threatening to publish stolen data — claimed it had breached Harvard through a flaw in Oracle’s E-Business Suite and planned to release the information on its leak site.

Two months later, a phone-based phishing attack allowed an unauthorized user to access donor and contact information from Harvard’s Alumni Affairs and Development Office.

Duff wrote that affiliates who believe they may have been targeted to report the incident immediately, emphasizing the importance of a rapid…

Source

Harvard Warns of Active Cyberattack Impersonating IT Staff and Targeting Affiliates | News

OpenAI Introduces Lockdown Mode To Combat AI Data Exfiltration Risks Amid Growing Prompt Injection Threats

Frost & Sullivan: AI-driven, Cloud-native SIEM Platforms Will Define the Next Era of Cybersecurity Operations

RSU cybersecurity graduate, student leader accepts staff position in Student Affairs | News

More Stories

OpenAI Introduces Lockdown Mode To Combat AI Data Exfiltration Risks Amid Growing Prompt Injection Threats

Frost & Sullivan: AI-driven, Cloud-native SIEM Platforms Will Define the Next Era of Cybersecurity Operations

RSU cybersecurity graduate, student leader accepts staff position in Student Affairs | News