Harvard is currently under investigation for a data breach, following a threat from a Russian-speaking cybercrime group, Clop, who claims to have stolen sensitive information. The breach, which occurred through a vulnerability in the Oracle E-Business system, has raised concerns about the security of Harvard's data. Clop, known for its extortion tactics, announced the breach on its leak site, targeting Harvard and potentially hundreds of other companies. The attack, which began as early as July, was part of a larger campaign that affected over 100 companies. Clop's method involves locking users out of systems and demanding ransom payments to prevent data release. This incident highlights the ongoing challenges in cybersecurity, as Clop has a history of successful attacks, including a major breach in 2023 that compromised over 2,773 organizations. The Harvard University Information Technology (HUIT) team has taken swift action by applying a patch to address the vulnerability and has reported no evidence of further compromise. However, the investigation continues to ensure the security of Harvard's systems and data.
