The 2026 breach of Harvard University’s Alumni Affairs and Development by the ShinyHunters collective exposed about 115,000 sensitive records, including detailed donor wealth, family networks, and admissions-related flags. The attackers likely used vishing and an SSO/MFA bypass to access SaaS platforms, underscoring the urgent need for phishing-resistant MFA and Zero Trust defenses.
Key points
- Attackers used vishing and SSO/MFA bypass tactics to hijack administrative sessions.
- Approximately 115,000 records were exfiltrated, revealing donor wealth, family ties, and student links.
- The leak consolidated high-value targets and detailed personal data for figures like Mark Zuckerberg and Michael Bloomberg.
- Internal “Admissions Holds” tied fundraising and admissions data, creating significant ethical and privacy risks.
- Immediate mitigations recommended include FIDO2/hardware keys and a Zero Trust approach to identity and access.