- Apr 25, 2013
- 5,355
University login credentials used to access computers and email accounts may have been exposed.
Harvard University recently announced that on June 19, 2015, it discovered an intrusion into the IT networks of the Faculty of Arts and Sciences and Central Administration.
"Since discovering this intrusion, Harvard has been working with external information security experts and federal law enforcement to investigate the incident, protect the information stored on our systems, and strengthen IT environments across the University," university provost Alan Garber and executive vice president Katie Lapp said in a statement.
"At this time, we have no indication that personal data, research data, or PIN System credentials have been exposed," Garber and Lapp added. "It is possible that Harvard login credentials (username and password) used to access individual computers and University email accounts have been exposed."
Anyone who's part of the Faculty of Arts and Sciences, the Harvard Divinity School, the Radcliffe Institute for Advanced Study, or the Central Administration is advised to change the password associated with their Harvard account.
Anyone who's part of the Harvard Graduate School of Design, the Harvard Graduate School of Education, the Harvard John A. Paulson School of Engineering and Applied Sciences, or the Harvard T.H. Chan School of Public Health is advised to change their email password.
"Password changes will be required again at a later time as the University takes further steps to enhance security," Garber and Lapp noted.
Members of both groups are advised to update all devices synced to their Harvard account with their new password.
The university stated in a FAQ that the notification was issued as soon as possible. "We notified the community as soon as we were confident that notification would not jeopardize our efforts to secure systems and limit damage from the intrusion, potentially making the situation much more difficult to resolve," it stated.
"Higher education is one of the most targeted industries for cyber attacks, and Harvard frequently detects and repels threats," the FAQ noted. "As attacks become more sophisticated, information security teams must quickly adapt and respond to stay one step ahead."
Other universities recently breached by cyber attacks include Metropolitan State University, Penn State University, UC Berkeley and Auburn University.
Several recent articles at eSecurity Planet have offered advice on how to respond to a data breach, from consulting with data privacy counsel to ensuring proper messaging.
Harvard University recently announced that on June 19, 2015, it discovered an intrusion into the IT networks of the Faculty of Arts and Sciences and Central Administration.
"Since discovering this intrusion, Harvard has been working with external information security experts and federal law enforcement to investigate the incident, protect the information stored on our systems, and strengthen IT environments across the University," university provost Alan Garber and executive vice president Katie Lapp said in a statement.
"At this time, we have no indication that personal data, research data, or PIN System credentials have been exposed," Garber and Lapp added. "It is possible that Harvard login credentials (username and password) used to access individual computers and University email accounts have been exposed."
Anyone who's part of the Faculty of Arts and Sciences, the Harvard Divinity School, the Radcliffe Institute for Advanced Study, or the Central Administration is advised to change the password associated with their Harvard account.
Anyone who's part of the Harvard Graduate School of Design, the Harvard Graduate School of Education, the Harvard John A. Paulson School of Engineering and Applied Sciences, or the Harvard T.H. Chan School of Public Health is advised to change their email password.
"Password changes will be required again at a later time as the University takes further steps to enhance security," Garber and Lapp noted.
Members of both groups are advised to update all devices synced to their Harvard account with their new password.
The university stated in a FAQ that the notification was issued as soon as possible. "We notified the community as soon as we were confident that notification would not jeopardize our efforts to secure systems and limit damage from the intrusion, potentially making the situation much more difficult to resolve," it stated.
"Higher education is one of the most targeted industries for cyber attacks, and Harvard frequently detects and repels threats," the FAQ noted. "As attacks become more sophisticated, information security teams must quickly adapt and respond to stay one step ahead."
Other universities recently breached by cyber attacks include Metropolitan State University, Penn State University, UC Berkeley and Auburn University.
Several recent articles at eSecurity Planet have offered advice on how to respond to a data breach, from consulting with data privacy counsel to ensuring proper messaging.