ShinyHunters Alleged Data Breach Targets Ivy League: 2 Million Records Stolen from Harvard University and the University of Pennsylvania

Summarize with:

ChatGPT Claude.ai Google AI Grok Perplexity

Add as preferred source on Google

The notorious threat actor group ShinyHunters has claimed responsibility for a significant data breach targeting two of the United States' most prestigious academic institutions: Harvard University and the University of Pennsylvania. On February 4, 2026, the group announced the alleged exfiltration of a massive dataset containing a total of over 2.2 million records. 

While the breach is pending verification, the claims align with the group's historical operational patterns of targeting organizations with vast repositories of user data.

Exposure of PII and Donor Information

According to the threat actors, the compromised databases contain a wealth of sensitive information. The alleged University of Pennsylvania data leak and the Harvard breach reportedly include:

• Personally identifiable information (PII), 
• Records related to university donations. 

The ShinyHunters group, known for social engineering techniques, typically monetizes such data by selling it on dark web marketplaces or by using it to extort victim organizations.

Education Sector Cybersecurity Under Siege

If confirmed, this ShinyHunters data breach claim could endanger the impacted individuals. Universities are attractive targets for cybercriminals due to the sheer volume of PII, intellectual property, and financial data they possess. 

In October, Harvard confirmed a Cl0p data breach tied to the Oracle EBS vulnerability, and one month later, UPenn announced investigating an intrusion linked to the same flaw.

In late December, the University of Phoenix data breach of its Oracle EBS system may have compromised the details of nearly 3.5 million individuals.

This week, Mandiant reported that Cloud Environments are targeted with ShinyHunters extortion tactics, vishing, and SSO compromise. 

Related

Spain to Legislate Social Media Access Ban for Children Under 16, Joining Broader Movement

Poland Detains Defense Ministry Employee on Suspicion of Spying for Russian and Belarusian Intelligence

AI-Assisted Cloud Intrusion Compromises AWS Environment in 8 Minutes, Highlights New Cloud Security Threats

DockerDash Ask Gordon AI Vulnerability Exposes Supply Chain Risks as Meta-Context Injection Compromises AI Integrity

Notepad++ Hijacking Incident Deploying Backdoor, Linked to Lotus Blossom Group Campaign

Spyware Vendor’s Pall Mall Claims Trigger Civil Society Backlash

Your Weekly Cybersecurity Briefing

Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.

Subscribe for Free

Please enter a valid email address.

Most Popular

Spain to Legislate Social Media Access Ban for Children Under 16, Joining Broader Movement

Poland Detains Defense Ministry Employee on Suspicion of Spying for Russian and Belarusian Intelligence

AI-Assisted Cloud Intrusion Compromises AWS Environment in 8 Minutes, Highlights New Cloud Security Threats

DockerDash Ask Gordon AI Vulnerability Exposes Supply Chain Risks as Meta-Context Injection Compromises AI Integrity

Notepad++ Hijacking Incident Deploying Backdoor, Linked to Lotus Blossom Group Campaign

Spyware Vendor’s Pall Mall Claims Trigger Civil Society Backlash

Spain to Legislate Social Media Access Ban for Children Under 16, Joining Broader Movement

Poland Detains Defense Ministry Employee on Suspicion of Spying for Russian and Belarusian Intelligence

AI-Assisted Cloud Intrusion Compromises AWS Environment in 8 Minutes, Highlights New Cloud Security Threats

DockerDash Ask Gordon AI Vulnerability Exposes Supply Chain Risks as Meta-Context Injection Compromises AI Integrity

Notepad++ Hijacking Incident Deploying Backdoor, Linked to Lotus Blossom Group Campaign

Spyware Vendor’s Pall Mall Claims Trigger Civil Society Backlash