President and Fellows of Harvard College

On January 15, 2021, the Maine Office of the Attorney General disclosed a data breach affecting President and Fellows of Harvard College, stemming from unauthorized access to an external system between December 21 and December 23, 2020. The incident compromised financial account numbers of 689 individuals, including at least one Maine resident. While the breach did not involve large-scale identity theft or systemic operational disruption, the exposure of financial data posed risks of fraud and financial harm to the affected parties. In response, Harvard offered 24 months of credit monitoring via Experian to mitigate potential repercussions. The breach highlighted vulnerabilities in external system security, though no evidence suggested broader exploitation beyond the accessed financial records. The incident underscored the need for heightened safeguards around sensitive financial information, even in isolated compromise scenarios.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/79e5b6f2-229e-4e13-a927-b7aa272ad855.shtml

TPRM report: https://www.rankiteo.com/company/hbs-bhr

"id": "hbs750082025",
"linkid": "hbs-bhr",
"type": "Breach",
"date": "12/2020",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'customers_affected': 689,
                        'industry': 'Higher Education',
                        'location': 'Cambridge, Massachusetts, USA',
                        'name': 'President and Fellows of Harvard College '
                                '(Harvard University)',
                        'type': 'Educational Institution'}],
 'attack_vector': 'External System Breach',
 'customer_advisories': ['24 Months of Credit Monitoring Offered via Experian'],
 'data_breach': {'number_of_records_exposed': 689,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Financial Account Numbers']},
 'date_detected': '2021-01-15',
 'date_publicly_disclosed': '2021-01-15',
 'description': 'The Maine Office of the Attorney General reported a data '
                'breach involving the President and Fellows of Harvard College '
                'due to unauthorized access between December 21 and December '
                '23, 2020. The breach affected 689 individuals, including one '
                'Maine resident, and involved the compromise of financial '
                'account numbers. Harvard offered 24 months of credit '
                'monitoring via Experian as a remedial measure.',
 'impact': {'data_compromised': ['Financial Account Numbers'],
            'identity_theft_risk': 'High (Financial Account Numbers '
                                   'Compromised)',
            'payment_information_risk': 'High',
            'systems_affected': ['External System']},
 'references': [{'source': 'Maine Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
                                                        'Attorney General']},
 'response': {'remediation_measures': ['24 Months of Credit Monitoring for '
                                       'Affected Individuals'],
              'third_party_assistance': ['Experian (Credit Monitoring)']},
 'title': 'Data Breach at Harvard College (December 2020)',
 'type': 'Data Breach'}