The University of Pennsylvania experienced a cyberattack where hackers stole sensitive data using stolen credentials obtained through social engineering. The breach involved internal documents, donor information, and a mass email sent to thousands, prompting increased security measures. #Pennsylvania #SocialEngineering
Keypoints
- The hackers accessed Pennβs systems on October 30 using compromised employee credentials.
- They stole 1.71 GB of internal documents and a database with 1.2 million donor records.
- The stolen data included PII, financial information, and employment details.
- The attackers used access to send offensive mass emails to 700,000 recipients.
- Penn is working with FBI and CrowdStrike, increasing security and warning about potential phishing scams.