Why the Harvard data breach deserves your attention

On June 19, Harvard University announced it had detected an intrusion among its private networks. The IT systems in question impact eight colleges and administrations within the university community, and the school urged users to change their passwords. The security team doesn’t believe personal data, research data, emails or PIN numbers were exposed. However, if a data theft did take place, the compromised information likely consists of individual login credentials.

Harvard is one of many targets for data breaches in today’s higher education industry. Its high endowment numbers, which grew to $36.4 billion in 2014, may make the organization an even more interesting target for third-party attackers – as noted by Fortune Magazine, the university faced website issues earlier this year, rumored to be the handiwork of hacking group AnonGhost, and other school servers were reportedly targeted by a separate group in 2012. In general, however, universities traditionally have not had the best track record with requiring strong passwords or using multi-factor authentication. In some cases, departments that handle sensitive data are staffed with students, meaning the pool of individuals with access to potentially sensitive information is wide and frequently changing.  Knowing these factors, why wouldn’t a hacker community target universities and schools?

Budgeting for better security

As threats evolve and organizations develop a deeper need to become data-aware to protect against risks, many schools are realizing that their security systems aren’t sufficiently monitoring or protecting their sensitive data. Fixed budgets, common in educational institutions, can limit the number or extent of solutions and initiatives that university IT staff can employ. As a result, these IT teams tackle the same data management and protection challenges that plague – and claim victims – in other industries, while strategically using the resources available to them.

Data breaches at universities cause students, faculty, alumni, administrators and staff to lose trust in the institution, and that can be detrimental to attendance rates and student success. If you’re a team member on a university IT staff, don’t let your organization become the next name on a growing list of schools that have suffered breaches in recent years.

Find out how data-aware technology can protect sensitive university data before a breach occurs.

1 Like

David Stevens

David Stevens is a Technical Marketing Manager at DataGravity. For two decades, David worked as a systems admin, doing everything from taking support calls to building out IT infrastructure to architecting new storage environments. Prior to joining DataGravity, he created technical content and evangelized storage solutions for Dell.