Harvard University has discovered an intrusion into its data systems, the school announced Wednesday in an e-mail to staff, faculty, and students.
The university discovered the breach in the technology networks of the Faculty of Arts and Sciences and Central Administration on June 19, according to the e-mail from Provost Alan Garber and Katie Lapp, the school’s executive vice president.
Security officials do not believe personal data, research data, e-mails, or PIN numbers have been exposed. But it is possible that hackers obtained Harvard login credentials to access individual computers and university e-mail accounts, the e-mail said.
Harvard did not announce the breach until now because it did not want to jeopardize efforts to secure its systems and to limit damage, the e-mail said.
The school is working with external security experts and federal law enforcement officials to investigate and strengthen the IT system.
The note advises people who are part of the affected departments to change their passwords on all their devices. “A longer password is a stronger password,” the university advised.
Members of Harvard Business School, Harvard Kennedy School, Harvard Law School, Harvard Medical School, and Harvard School of Dental Medicine do not need to take action, the school said.
Harvard has reminded people not to respond to questionable phone calls or e-mails asking for account information.
The university has created a special website for people to reference in response to the attack. It says higher education is one of the most targeted industries for cyber attacks and said Harvard frequently detects and repels threats.
Universities increasingly have become targets for hackers. In one of the most sophisticated cases, Penn State announced in May that the computer systems at its College of Engineering were hit by Chinese hackers who gained user names and passwords in a two-year operation.