Hackers threaten to leak ‘woke’ University of Pennsylvania student data

The University of Pennsylvania was targeted by hackers who sent threatening emails to alumni, claiming to have breached the university’s security practices and stating that they would leak student data.
The emails referenced the Family Educational Rights and Privacy Act (FERPA) and Students for Fair Admissions (SFFA), a group involved in the Supreme Court ruling on affirmative action for college admissions.
Penn acknowledged the incident, stating that the university’s Office of Information Security is addressing the situation and that the offending emails do not reflect the university’s mission or actions.
This is not the first Ivy League school to be targeted by politically motivated hackers this year; Columbia University was also breached earlier in the year, reportedly impacting decades of admissions data.
The alleged hacker behind the Penn hack has a history of targeting universities and taking credit for other hacks at NYU and the University of Minnesota, with ties to far-right extremist groups.

“We got hacked,” members of the University of Pennsylvania community were told in the subject line of several emails sent from addresses linked to its Graduate School of Education. The sender, apparently, was the potential hacker or hackers themselves.

“The University of Pennsylvania is a dogshit elitist institution full of woke retards,” said the emails, which were received by several alumni including a Verge author who attended the University of Pennsylvania. “We have terrible security practices and are completely unmeritocratic. We hire and admit morons because we love legacies, donors, and unqualified affirmative action admits. We love breaking federal laws like FERPA (all your data will be leaked) and Supreme Court rulings like SFFA. Please stop giving us money.”

The apparent hacker or hackers referenced the Family Educational Rights and Privacy Act, which protects the privacy of students’ personal information that’s shared with schools. SFFA appears to refer to Students for Fair Admissions, the group that was at the forefront of the Supreme Court ruling that struck down race-based affirmative action for college admissions.

Do you have information about the U Penn hack or other university attacks? Contact Elizabeth Lopatto securely on Signal at lopatto.46.

Penn acknowledged the existence of the messages in a statement on its website. “A fraudulent email is currently being circulated that appears to come from a Penn GSE account with the subject ‘We got hacked (Action Required)’ or similar,” it says. “The University’s Office of Information Security is aware of the situation, and their Incident Response team is actively addressing it.” In a statement on the university’s communications website, the school says, “nothing in the highly offensive, hurtful message reflects the mission or actions of Penn or of Penn GSE.”

Penn would not be the first Ivy League school to be hacked this year by what seems to be politically motivated attackers. Columbia University was the target of a breach earlier this year reportedly impacting decades of admissions data. The alleged hacker told Bloomberg they were looking for signs that it had continued affirmative action policies after the Supreme Court struck it down. Both schools have been at the center of political firestorms over their handling of protests over Israel’s war in Gaza. The alleged Columbia hacker — a self-proclaimed “violently racist” and pro-Hitler figure whose handle includes a racial slur — also took credit for two other hacks at New York University and the University of Minnesota.

link

Q. What was the subject line of the emails sent by the hackers to University of Pennsylvania alumni?

A. “We got hacked (Action Required)”

Q. Who is the sender of the emails, according to the hackers?

A. The potential hacker or hackers themselves

Q. What is the name of the group that was at the forefront of the Supreme Court ruling that struck down race-based affirmative action for college admissions?

A. Students for Fair Admissions (SFFA)

Q. Which act protects the privacy of students’ personal information shared with schools?

A. The Family Educational Rights and Privacy Act (FERPA)

Q. What is the name of the university’s Office responsible for addressing security incidents?

A. The University’s Office of Information Security

Q. How did Columbia University reportedly get hacked this year?

A. By what seems to be politically motivated attackers looking for signs that it had continued affirmative action policies after the Supreme Court struck it down.

Q. What was the alleged hacker’s handle on Bloomberg, which included a racial slur?

A. A self-proclaimed “violently racist” and pro-Hitler figure

Q. Which universities were allegedly targeted by the same hacker besides Columbia University?

A. New York University and the University of Minnesota

Q. Why did the hackers send emails to University of Pennsylvania alumni?

A. To threaten to leak their personal data, citing poor security practices and unmeritocratic admissions.

Q. How did the University of Pennsylvania respond to the hacking incident?

A. By acknowledging the existence of the messages and stating that nothing in the message reflected the mission or actions of Penn or its Graduate School of Education.