Personal data stolen during Harvard and UPenn data breaches leaked online - over a million details, including emails, home addresses and more, all published

News
By published

Negotiations with Harvard hackers were unsuccessful

Phishing, E-Mail, Network Security, Computer Hacker, Cloud Computing Cyber Security 3d Illustration
(Image credit: Shutterstock)
  • ShinyHunters leaked over one million records stolen from Harvard and UPenn onto their dark web site
  • Data includes personal details, donation history, and demographic information from students, staff, alumni, and donors
  • Breaches tied to SSO compromise and vishing; files published after failed ransom negotiations, with no encryptors used

Hacking group ShinyHunters has released all the files it stole from Harvard University and the University of Pennsylvania (UPenn) in late 2025.

The files are now apparently sitting on the hackers’ dark web site, available to other cybercriminals to download and exploit.

The group claims to have leaked more than a million records. Both organizations confirmed having been breached, while TechCrunch managed to verify a portion of the dataset.

Negotiations broke down, ShinyHunters leaked files

In early November, hackers revealed they had gained “full access” to a UPenn employee SSO account, which granted them access to the university’s VPN, Salesforce data, Qlik analytics platform, SAP business intelligence system, and SharePoint files.

The information stolen allegedly includes people’s names, dates of birth, addresses, phone numbers, estimated net worth, donation history, and demographic details (race, religion, sexual orientation, and similar).

They also used the access to send offensive emails to some 700,00 recipients. At first, UPenn described the emails as “obviously fake” and “fraudulent”, but later backtracked and confirmed it was hit.

Roughly three weeks later, Harvard also confirmed system compromise, and said personal data on past and present students, staff, and donors, was exposed. In a data breach notification letter, the prestigious Ivy League University said a voice phishing attack allowed hackers access to its Alumni Affairs and Development systems.

This led to information about alumni, donors, some faculty and staff, and some current students being breached, with spouses, partners and parents of alumni as well as current and former students also affected.

ShinyHunters says they decided to leak the files now since negotiations broke down. Usually, hackers would steal files and then demand payment in crypto, in exchange for deleting them. When the victim decides not to pay, the data gets published, as was the case here. No encryptors were deployed in these attacks.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.