Hackers have struck elite US universities in recent weeks, pilfering sensitive data from donors and making off with students’ information in a string of digital heists that only add stress to schools already besieged with political pressure.
Dartmouth College, Harvard University, Princeton and the University of Pennsylvania have each disclosed breaches within the past three weeks, months after a politically motivated attacker burrowed deep into networks at New York City’s Columbia University. The identity of the intruders in most of the recent incidents remains a mystery. However, the hackers typically duped school employees in order to access databases of personal information about prominent individuals associated with each institution.
The break-in at Harvard, which the school discovered on Nov. 18, resulted in the theft of personal data and other information from fundraisers at the school, which typically raises more than $1 billion annually. At Dartmouth, attackers exploited a software vulnerability in an Oracle Corp. product to steal files from the university, the school said in a notice Monday to people impacted by the incident. Oracle has since released a security patch for the flaw.
“Universities like Harvard have a lot of valuable information like personal information about powerful people – politics, influencers, executives – and we know both criminals and countries target these institutions,” said Sergey Shykevich, threat intelligence manager at the Israeli cybe
Source: https://www.insurancejournal.com/news/national/2025/11/26/849125.htm
Princeton University cybersecurity rating report: https://www.rankiteo.com/company/princeton-university
Harvard University cybersecurity rating report: https://www.rankiteo.com/company/harvard-university
Dartmouth College cybersecurity rating report: https://www.rankiteo.com/company/dartmouth-college
Columbia University cybersecurity rating report: https://www.rankiteo.com/company/columbia-university
Oracle cybersecurity rating report: https://www.rankiteo.com/company/oracle
"id": "PRIHARDARCOLORA1765173096",
"linkid": "princeton-university, harvard-university, dartmouth-college, columbia-university, oracle",
"type": "Breach",
"date": "11/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Donors and students',
'industry': 'Education',
'location': 'United States',
'name': 'Dartmouth College',
'type': 'University'},
{'customers_affected': 'Fundraisers and prominent '
'individuals',
'industry': 'Education',
'location': 'United States',
'name': 'Harvard University',
'type': 'University'},
{'industry': 'Education',
'location': 'United States',
'name': 'Princeton University',
'type': 'University'},
{'industry': 'Education',
'location': 'United States',
'name': 'University of Pennsylvania',
'type': 'University'},
{'industry': 'Education',
'location': 'United States',
'name': 'Columbia University',
'type': 'University'}],
'attack_vector': ['Phishing', 'Software Vulnerability Exploitation'],
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Donor Data',
'Student Information']},
'date_detected': '2023-11-18',
'description': 'Hackers have struck elite US universities in recent weeks, '
'pilfering sensitive data from donors and making off with '
'students’ information in a string of digital heists. '
'Dartmouth College, Harvard University, Princeton, and the '
'University of Pennsylvania have each disclosed breaches '
'within the past three weeks. The identity of the intruders in '
'most of the recent incidents remains a mystery. The hackers '
'typically duped school employees to access databases of '
'personal information about prominent individuals associated '
'with each institution.',
'impact': {'brand_reputation_impact': 'High',
'data_compromised': 'Personal data of donors, students, and '
'prominent individuals',
'identity_theft_risk': 'High'},
'initial_access_broker': {'entry_point': 'Phishing (duping school employees)',
'high_value_targets': 'Prominent individuals '
'associated with '
'institutions'},
'investigation_status': 'Ongoing',
'motivation': ['Financial Gain', 'Espionage'],
'post_incident_analysis': {'root_causes': ['Software Vulnerability',
'Phishing']},
'references': [{'source': 'News Article'}],
'response': {'remediation_measures': 'Oracle released a security patch for '
'the exploited vulnerability'},
'title': 'Cyber Attacks on Elite US Universities',
'type': ['Data Breach', 'Cyber Heist'],
'vulnerability_exploited': 'Oracle Corp. product vulnerability'}