Harvard University reveals data breach hitting alumni and donors

1. Pro
2. Security

Harvard University reveals data breach hitting alumni and donors News By Mike Moore published 25 November 2025

Harvard Alumni Affairs and Development systems hit

Comments (0) ()

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

(Image credit: Getty Images / Bloomberg / Contributor)

• Harvard says Alumni Affairs and Development systems breached
• A voice phishing attack was to blame, the University says
• Personal data exposed, but no financial info or passwords were affected

Harvard University has confirmed some of its systems were compromised in a recent cyberattack which saw personal data on past and present students, staff, and donors exposed.

In a data breach notification letter, the prestigious Ivy League University said a voice phishing attack allowed hackers access to its Alumni Affairs and Development systems.

• Amazon Black Friday deals are live: here are our picks!

This led to information about alumni, donors, some faculty and staff, and some current students being breached, with spouses, partners and parents of alumni as well as current and former students also affected.

You may like

• "We have terrible security practices" - University of Pennsylvania hackers say they've stolen over a million records in major cyberattack
• Microsoft warns university employees are being hit by payroll attacks, so stay on your guard
• Palo Alto Networks becomes the latest to confirm it was hit by Salesloft Drift attack

Official IdentityForce® | Identity Theft Protection - save up to 68% annually

Many people don’t know how to protect their ID. Don’t be one of them. Get your ID Action Plan here. Get a personalized step-by-step Action Plan & ID Safety Score based on YOUR dark web hits.

View Deal

Harvard attack

"On Tuesday, November 18, 2025, Harvard University discovered that information systems used by Alumni Affairs and Development were accessed by an unauthorized party as a result of a phone-based phishing attack," the letter said.

"The University acted immediately to remove the attacker's access to our systems and prevent further unauthorized access. We are writing to make you aware that information about you may have been accessed and so you can be alert for any unusual communications that purport to come from the University."

Harvard said the compromised data included email addresses, telephone numbers, home and business addresses, event attendance records, donation details, and "biographical information pertaining to University fundraising and alumni engagement activities."

Fortunately, the affected IT systems didn't contain Social Security numbers, passwords, payment card information, or financial info.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

However, even with just the “basic” data exposed, cybercriminals will have enough to launch destructive attacks, the university warned, adding it is working with law enforcement and third-party cybersecurity experts to investigate the incident.

By knowing people’s full names, addresses, and their connections to the university, they can create convincing phishing emails, tricking the victims into sharing login credentials, or even making fraudulent payments.

Harvard has urged potentially affected individuals to be on alert for unusual or suspicious calls, text messages, or emails claiming to be from the university, particularly those requesting password resets or sensitive information.

You may like

• "We have terrible security practices" - University of Pennsylvania hackers say they've stolen over a million records in major cyberattack
• Microsoft warns university employees are being hit by payroll attacks, so stay on your guard
• Palo Alto Networks becomes the latest to confirm it was hit by Salesloft Drift attack

The news marks the third Ivy League US university to be targeted in the last few weeks, with Princeton University and the University of Pennsylvania also recently disclosing data breaches concerning donor information.

Via BleepingComputer

The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Mike MooreSocial Links NavigationDeputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more "We have terrible security practices" - University of Pennsylvania hackers say they've stolen over a million records in major cyberattack    Microsoft warns university employees are being hit by payroll attacks, so stay on your guard    Palo Alto Networks becomes the latest to confirm it was hit by Salesloft Drift attack    Discord hit by data breach after hackers strike support tickets    Harrods cyberattack - over 430,000 customers have data stolen, here's how to stay safe    DraftKings warns users they may be hit by cyberattacks following breach    Latest in Security Black Friday shopping scams are on the rise - experts warn many new domains could be dodgy, here's what to look for    Windows Server flaw targeted by hackers to spread malware - here's what we know    Cox Enterprises hit by Oracle data breach - but it won't name who carried out the attack    Iberia tells customers it was hit by a major security breach    Google security experts say Gainsight hacks may have left hundreds of companies affected    Watch out - that Amazon page offering amazing Black Friday deals could be a dodgy spoof site, and could leave you seriously out of pocket    Latest in News Leaker claims Xbox Series X and Series S consoles could see another price hike due to global RAM shortage    A Linux OS has got a million downloads since Windows 10 support ended    YouTube Music 2025 Recap is rolling out with extra AI – here's how to get it    Intergalactic: The Heretic Prophet is reportedly still years away from release, will be a no-show at The Game Awards and won't launch in 2026    iOS 26 lets you disable a major annoyance in the Wallet app – here’s how    If the latest foldable iPhone price rumor is correct, the iPad Mini 8 will be the only sensible choice    LATEST ARTICLES

1. 1ChatGPT’s Agent feature lets you assign tasks and walk away – here’s how
2. 2This Black Friday why not invest in your kids' safety? Bark has some major discounts on phones and smartwatches available right now
3. 3Best turntables 2025: top record players for all budgets
4. 4Best earbuds: top buys, all TechRadar-tested and recommended
5. 5Leaker claims Xbox Series X and Series S consoles could see another price hike due to global RAM shortage