HarvardX: Harvard hit by new breach after phone phishing attack

Elite universities like Harvard, Princeton and Columbia spend fortunes on research, talent and digital infrastructure. Even then, they've become easy targets for attackers who see massive databases filled with personal information and donation records as a goldmine. Over the past few months, breaches across Ivy League campuses have exposed the same problem. These institutions handle huge amounts of sensitive data, but their internal defenses often don't match the scale of what they store. That pattern brings us to Harvard's newest incident, which exposed a database of alumni, donors, some students and faculty to hackers.

A phone phishing attack unlocks Harvard's data

Harvard confirmed that a database tied to alumni, donors, faculty and some students was accessed by an unauthorized party. This happened after a phone phishing attack tricked someone into giving the attacker a way into the system.

"On Tuesday, November 18, 2025, Harvard University discovered that information systems used by Alumni Affairs and Development were accessed by an unauthorized party as a result of a phone-based phishing attack," the university said in a no

Source: https://www.foxnews.com/tech/harvard-hit-new-breach-after-phone-phishing-attack

HarvardX cybersecurity rating report: https://www.rankiteo.com/company/harvard-x

"id": "HAR1765122916",
"linkid": "harvard-x",
"type": "Breach",
"date": "11/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Alumni, donors, '
                                                           'faculty, and some '
                                                           'students',
                                     'industry': 'Higher Education',
                                     'location': 'Cambridge, Massachusetts, '
                                                 'USA',
                                     'name': 'Harvard University',
                                     'size': 'Large',
                                     'type': 'Educational Institution'}],
              'attack_vector': 'Phone Phishing',
              'data_breach': {'data_encryption': None,
                              'data_exfiltration': None,
                              'file_types_exposed': None,
                              'number_of_records_exposed': None,
                              'personally_identifiable_information': 'Yes',
                              'sensitivity_of_data': 'High',
                              'type_of_data_compromised': 'Personal '
                                                          'Information'},
              'date_detected': '2025-11-18',
              'description': 'A phone phishing attack tricked someone into '
                             'giving an unauthorized party access to a Harvard '
                             'University database tied to alumni, donors, '
                             'faculty, and some students.',
              'impact': {'brand_reputation_impact': None,
                         'conversion_rate_impact': None,
                         'customer_complaints': None,
                         'data_compromised': 'Alumni, donor, faculty, and '
                                             'student information',
                         'downtime': None,
                         'financial_loss': None,
                         'identity_theft_risk': 'High',
                         'legal_liabilities': None,
                         'operational_impact': None,
                         'payment_information_risk': None,
                         'revenue_loss': None,
                         'systems_affected': 'Alumni Affairs and Development '
                                             'information systems'},
              'initial_access_broker': {'backdoors_established': None,
                                        'data_sold_on_dark_web': None,
                                        'entry_point': 'Phone Phishing',
                                        'high_value_targets': None,
                                        'reconnaissance_period': None},
              'motivation': 'Data Theft',
              'post_incident_analysis': {'corrective_actions': None,
                                         'root_causes': 'Insufficient phishing '
                                                        'awareness and human '
                                                        'error'},
              'ransomware': {'data_encryption': None,
                             'data_exfiltration': None,
                             'ransom_demanded': None,
                             'ransom_paid': None,
                             'ransomware_strain': None},
              'references': [{'date_accessed': None,
                              'source': 'Fox News',
                              'url': None}],
              'regulatory_compliance': {'fines_imposed': None,
                                        'legal_actions': None,
                                        'regulations_violated': None,
                                        'regulatory_notifications': None},
              'response': {'adaptive_behavioral_waf': None,
                           'communication_strategy': None,
                           'containment_measures': None,
                           'enhanced_monitoring': None,
                           'incident_response_plan_activated': None,
                           'law_enforcement_notified': None,
                           'network_segmentation': None,
                           'on_demand_scrubbing_services': None,
                           'recovery_measures': None,
                           'remediation_measures': None,
                           'third_party_assistance': None},
              'title': 'Harvard University Alumni and Donor Database Breach',
              'type': 'Data Breach',
              'vulnerability_exploited': 'Human Error (Phishing)'}