The University of Pennsylvania was claimed to have had data from nearly 1.2 million students, alumni, and donors compromised following the breach of its systems last week, just as the university dismissed hacking email notices from Penn.edu sent to alumni and students on Friday as fake, according to BleepingComputer.Attackers allegedly compromised Penn's systems on Oct. 30 through an employee's PennKey SSO account, enabling access to the university's Salesforce data, VPN, Qlik analytics platform, SharePoint files, and SAP business intelligence system.Such access allowed hackers to pilfer records that included individuals' names, birthdates, phone numbers, addresses, demographic information, estimated net worth, and donation history. Despite the university's efforts to lock the impacted employee's account, attackers' continued access to its Salesforce Marketing Cloud permitted the distribution of the profane breach notice to nearly 700,000 recipients.Multiple spreadsheets and files from Penn's SharePoint and Box systems have already been exposed by the threat actor as part of a 1.7 GB archive.
Breach, Data Security
Almost 1.2M allegedly impacted by University of Pennsylvania breach

(Adobe Stock)
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds

