Harvard Warns of Data Breach Impacting Alumni and Parents

Voice phishing attack compromises Alumni Affairs systems; personal data of alumni, donors, students, and staff affected


Harvard Confirms Data Breach in Alumni Affairs Systems

Harvard University has disclosed a data breach affecting its Alumni Affairs and Development systems, exposing personal information of alumni, donors, current students, staff, and others connected to the institution. The breach was discovered on November 18, 2025, and was the result of a phone-based phishing attack.

The university is now notifying affected individuals after confirming unauthorized access to fundraising and engagement records.


What Data Was Compromised

While no sensitive financial information such as Social Security numbers, passwords, or credit card data was exposed, the breached systems did contain a significant amount of personal and engagement-related data, including:

  • Email addresses and phone numbers
  • Home and business mailing addresses
  • Event attendance records
  • Donation histories and details
  • Biographical information related to alumni outreach

According to Harvard CIO Klara Jelinkova and VP for Alumni Affairs Jim Husson, the breach did not affect financial or highly sensitive identification data.


Who Was Affected

Harvard’s investigation has identified several impacted groups:

  • Alumni and donors
  • Alumni spouses, partners, widows/widowers
  • Parents of current and former students
  • Some current students
  • Some faculty and staff members

Notifications were sent on November 22 to individuals whose data may have been exposed. However, the total number of affected individuals has not been disclosed.


Incident Timeline and University Response

  • November 18, 2025: Harvard detected unauthorized access to Alumni Affairs systems via voice phishing.
  • Immediate steps were taken to remove the attacker’s access and prevent further intrusion.
  • The university is working with law enforcement and external cybersecurity experts to investigate.

In breach notification letters, Harvard urges recipients to:

  • Be cautious of emails or calls requesting sensitive information
  • Report any suspicious communications claiming to be from the university
  • Stay alert for phishing attempts posing as legitimate outreach from Harvard

Broader Pattern of Attacks on Higher Education

This incident follows a wave of cyberattacks targeting U.S. universities:

  • In October, the Clop ransomware group claimed it breached Harvard via a zero-day flaw in Oracle’s E-Business Suite. That investigation is ongoing.
  • Earlier in November, both Princeton University and the University of Pennsylvania reported data breaches affecting donor information, highlighting a broader threat to Ivy League institutions and their fundraising infrastructure.

A Call for Vigilance

Harvard has emphasized that it is reviewing its security protocols, particularly those related to social engineering attacks like voice phishing.

“We acted immediately to remove the attacker’s access and are now working to ensure this doesn’t happen again,” Harvard said in a statement added November 25.
