University of Pennsylvania Breach - 623K Accounts Exposed

Overview

In October 2025, the University of Pennsylvania experienced a significant cybersecurity incident. Attackers breached the university’s donor database, stole sensitive information, and issued a ransom demand. When their demands were not met, the attackers escalated their actions. They sent inflammatory, targeted emails to some of the affected individuals and, in February 2026, published the stolen data online. This breach compromised the personal information of approximately 623,750 individuals connected to the university’s donor community.

What Was Exposed

The core dataset published online includes names, email addresses, and physical addresses. For a significant number of records, gender and date of birth were also exposed. Most concerning is that a smaller subset of donor records contained highly sensitive details, including:

• Religion
• Spouse’s name
• Estimated income
• Donation history

This combination of basic contact information with intimate personal and financial details significantly increases the risk for victims.

Potential Impact

The exposure of this data creates multiple avenues for harm. With names, addresses, and emails, victims face a high risk of targeted phishing campaigns and identity theft. The inclusion of dates of birth makes it easier for criminals to impersonate individuals for financial fraud. The sensitive subset of data-particularly religion, income, and donation history-opens the door for extreme personal targeting, discrimination, or tailored scams. The attackers’ prior action of sending inflammatory emails proves they are willing to use this data for harassment, causing emotional distress beyond financial risk.

Recommendations

If you have ever donated to or been associated with the University of Pennsylvania, take these steps immediately:

1. Change Passwords & Enable 2FA: Immediately update the password for the email address exposed, and any other accounts that use it or a similar password. Enable two-factor authentication (2FA) everywhere possible.
2. Beware of Targeted Phishing: Be extremely cautious of all emails, especially those referencing your donation, address, or other exposed details. Do not click links or open attachments from unsolicited messages. Verify communications directly with the university through official channels.
3. Monitor Financial Accounts: Regularly review bank and credit card statements for unauthorized activity. Consider placing a fraud alert on your credit file with the three major bureaus (Equifax, Experian, TransUnion).
4. Stay Vigilant for Harassment: Be aware that your physical address and personal details are public. Report any harassing communications to local authorities and the university.
5. Consider a Credit Freeze: For the highest level of protection against new accounts being opened in your name, initiate a credit freeze.

How to Check If You’re Affected

The breach has been reported to the free service Have I Been Pwned. To see if your information was compromised:

1. Visit https://haveibeenpwned.com
2. Enter your primary email address(es) into the search bar.
3. The service will indicate if your email is listed in the “University of Pennsylvania” breach dataset. You can also directly access the breach notification at: https://haveibeenpwned.com/Breach/UniversityOfPennsylvania