Hackers Release Personal Data Stolen in Harvard and UPenn Cyberattacks

Hackers have released personal information stolen during recent cyberattacks affecting Harvard University and the University of Pennsylvania, according to reports and statements from the institutions. The incidents have raised renewed concerns about data security and third-party risks across the higher education sector.

The leaked data reportedly includes personal details belonging to students, applicants, and university employees. While investigations are ongoing, cybersecurity experts say the exposed information could be misused for phishing campaigns, identity theft, and other forms of fraud.

University officials indicated that the breaches were linked to unauthorized access to third-party systems used for administrative and academic services, rather than direct intrusions into core university networks. Such attacks have become increasingly common as universities rely on external vendors for admissions processing, cloud storage, and data management.

Both Harvard and UPenn confirmed the incidents and said they are working with cybersecurity specialists and law enforcement agencies to determine the scope of the breaches. Affected individuals are being notified and advised to monitor their accounts, update passwords, and be cautious of suspicious communications.

The publication of stolen data marks a significant escalation in cyberattacks against academic institutions. In recent years, hackers have increasingly leaked data publicly to apply pressure, attract attention, or damage organizational credibility.

Cybersecurity analysts warn that universities remain prime targets due to the large volumes of personal and research data they hold and the complexity of their IT environments. Experts are urging institutions to strengthen vendor oversight, conduct regular security audits, and improve incident response planning to reduce future risks.