‘We got hacked’ emails threaten to leak University of Pennsylvania data

The University of Pennsylvania suffered a cybersecurity incident on Friday, when students and alumni received a series of offensive emails from various University email addresses claiming that data was stolen in a breach.

The emails have a subject line of “We got hacked (Action Required)” and claim that data was stolen during an alleged breach, also calling out the University over its security practices and admission policies.

“The University of Pennsylvania is a dog**** elitist institution full of woke retards. We have terrible security practices and are completely unmeritocratic,” reads the email seen by BleepingComputer.

“We hire and admit morons because we love legacies, donors, and unqualified affirmative action admits. We love breaking federal laws like FERPA (all your data will be leaked) and Supreme Court rulings like SFFA.”

The emails were sent from various Penn email addresses, including the Penn Graduate School of Education (gse@connect.upenn.edu) and University of Pennsylvania employees.

Email message sent to students and alumni
Source: BleepingComputer

BleepingComputer has obtained numerous samples of the emails and can confirm they were all sent via “connect.upenn.edu,” a Penn mailing list platform hosted on Salesforce Marketing Cloud. It is unclear if the University’s account on the marketing platform was compromised to send the emails.

A Penn spokesperson confirmed to BleepingComputer that they are aware of the emails and their Incident Response team is addressing the breach.

“A fraudulent email has been circulated that appears to come from the University of Pennsylvania’s Graduate School of Education,” a Penn spokesperson told BleepingComputer.

“This is obviously a fake, and nothing in the highly offensive, hurtful message reflects the mission or actions of Penn or of Penn GSE. The University’s Office of Information Security is aware of the situation, and our Incident Response team is actively addressing it.”

If you have any information regarding this incident or any other undisclosed attacks, you can contact us confidentially via Signal at 646-961-3731 or at tips@bleepingcomputer.com.

Penn has now added a banner to its website warning about the emails and asking recipients not to report the incident, as the University is already aware of it.

“Simply disregard or delete the message. However, if you receive any new or different messages that raise concern, please contact your local IT support provider (LSP),” reads the banner message.

Penn was among several universities that recently received a letter from the Trump administration inviting them to join the “Compact for Excellence in Higher Education,” a program tying preferential funding to the adoption of specific policy reforms.

The University ultimately declined to participate, stating that it had provided feedback to the administration regarding concerns with the compact.

BleepingComputer asked Penn further questions about the incident, but was told they had nothing further to share at this time.
