Dear Members of the Harvard Community,
Do not panic. You have been hacked once again by the Chinese. Well, we are not entirely sure. It could be one of those pro-Palestinian groups with mildly creative names like “AnonGhost.” The Institute of Politics knows too well.
Or it could be the Chinese. After all, U.S. Intelligence Chief James Clapper believes the prime suspect for last month’s hack of the Office of Personnel Management is China.
This time “an intrusion” made its way beyond the security of two IT networks that directly affected eight colleges and administrations. If you belong to any of what follows: Faculty of Arts and Sciences, Harvard Divinity School, Radcliffe Institute for Advanced Study, Central Administration, the Graduate School of Design, Harvard Graduate School of Education, Harvard John A. Paulson School of Engineering and Applied Sciences, or Harvard T.H. Chan School of Public Health, then you should probably change passwords linked to your email and Harvard account, although best to choose an interim password (not your master backup) as we will ask for updated ones at a later time.
As far as the Harvard Kennedy School, along with the business, law, medicine and dental schools – jeez, we really have a lot of schools – is concerned, there is no concern. But if you guys want to change your password because of your “fomo,” then by all means go ahead.
The discovery of the June 19th breach – okay, yes we discovered it more than a week ago, but trust us, we just announced it because we were afraid of “jeopardiz[ing] efforts to secure systems and limit damage from the intrusion, potentially making the situation much more difficult to resolve” – marked the second time in four months for our prestigious institution.
We do have some good news, however. “At this time, we have no indication that research data or personal data managed by Harvard systems (e.g. social security numbers) have been exposed. There is no indication that PIN credentials, used to access University systems and web resources, have been exposed,” says the actual memo sent to students.
As we move forward, our institution promises to uphold and ascribe to its elite status. No longer will we share space in sentences with the names of non-ivy like John Hopkins and University of Maryland.
Both schools dealt with cyber attacks of their own magnitude, with Maryland’s breach impacting the personal information of more than 300,000 spanning a 20 year timeline. Expect our “enhanced security measures” to put up a fight for those login credentials.
At the moment, an obvious partnership with federal authorities and an external IT security company sounds good, and the outside parties should help us conduct a detailed investigation of the matter. We will let you know how that turns out a week after the report is finished.
Please, if you have any further questions, do not hesitate to ask as we will inevitably refer you to our FAQ page, so you can figure it out independently.
Thank you for your time.
Sincerely,
Wait-Listed Prospect
Image Credit: Via Flickr/Chris Hawes