Harvard warns of active cyberattack impersonating IT staff and targeting affiliates

Harvard is monitoring an ongoing cybersecurity threat involving individuals impersonating University information technology staff to gain access to accounts and sensitive data, according to a Friday afternoon message to affiliates.

The attackers are contacting affiliates directly — often urging them to join live phone calls or directing them to fraudulent websites designed to mimic official Harvard pages — in an attempt to steal login credentials, according to the email.

Harvard Chief Information Security and Data Privacy Officer Michael Tran Duff wrote that the scam represents “an active and specific cybersecurity threat,” urging affiliates to remain on “high alert.”

Read more at The Harvard Crimson