HAA A.I CyberSecurity Scoring
HAA
Company Information
Website:https://alumni.harvard.edu/
Employees number:97
Number of followers:23,190
NAICS:6113
Industry Type:Higher Education
Homepage:harvard.edu
HAA Risk Score (AI oriented)
Between 550 and 599
HAAHigher Education
Updated:
29/03/2026
29/03/2026
591/1000
Very Poor
Ca
HAA Global Score (TPRM)
xxxx
HAAHigher Education
Score locked

HAAVery Poor
Current Score
591Ca (VERY POOR)
01000
3 incidents
-62.5 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
601
JUNE 2026
599
MAY 2026
594
APRIL 2026
594
MARCH 2026
589
FEBRUARY 2026
585
JANUARY 2026
583
DECEMBER 2025
581
NOVEMBER 2025
639
Breach
22 Nov 2025 • HAA
Harvard University
Harvard University Alumni Affairs and Development Office Data Breach via Phone-Based Phishing Attack
577
HIGH-62
HAR3692736112225
Harvard University’s Alumni Affairs and Development Office suffered a phone-based phishing attack earlier this week, granting an unauthorized party access to sensitive systems. The breach exposed donation records, event attendance logs, email addresses, phone numbers, and home addresses of alumni, donors, faculty, and families of current students. While Social Security numbers, passwords, and financial details were reportedly not compromised, the full scope of accessed data remains unclear as investigations continue with third-party cybersecurity experts and law enforcement. The attack mirrors recent incidents at Princeton and the University of Pennsylvania, where similar phishing schemes targeted donor and alumni records. At Penn, hackers leaked internal documents (including donor memos and bank transactions) and sent profane emails to affiliates. Harvard has not yet confirmed whether affected individuals will receive direct notifications. The breach underscores vulnerabilities in higher education institutions’ defenses against social engineering attacks, particularly those exploiting phone-based phishing to harvest personal and institutional data.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
OCTOBER 2025
698
Breach
01 Oct 2025 • HAA
Harvard University
Harvard reports vishing breach exposing alumni and donor contact data
635
CRITICAL-63
HAR3314333112525
Harvard University suffered a vishing breach targeting its Alumni Affairs and Development systems, exposing sensitive contact and biographical data of alumni, donors, faculty, staff, and associated individuals. The compromised information includes email addresses, phone numbers, home/business addresses, event attendance records, and donation details, though no Social Security numbers, passwords, or financial data were accessed. The breach occurred via a phone-based phishing (vishing) attack, prompting Harvard to revoke unauthorized access and launch an investigation with external cybersecurity experts. Affected individuals were notified on November 22, 2025, with warnings to remain vigilant against follow-up scams. While the incident was contained, it follows a separate Cl0p ransomware-related breach in mid-October, where attackers exploited a patched Oracle E-Business Suite vulnerability, though Harvard downplayed its broader impact.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2025
698
AUGUST 2025
697
MAY 2025
770
Breach
01 May 2025 • HAA
Harvard University
Harvard University Phone-Based Phishing Attack and Data Breach
692
HIGH-78
HAR22102022112525
Harvard University suffered a phone-based phishing attack that breached databases managed by the Office of Alumni Affairs and Development, discovered on November 18. The unauthorized party gained access to systems containing personal information—though not Social Security numbers, passwords, or financial data—such as email addresses, phone numbers, home/business addresses, donation histories, event attendance records, and biographical details tied to fundraising and alumni engagement. Affected parties include alumni, their spouses/partners, widows/widowers of alumni, donors, parents of students, some faculty, staff, and current students. The attack mirrors a rising trend of targeted breaches at elite universities, with similar incidents reported at Princeton, UPenn, Columbia, NYU, Stanford, and Georgetown. While financial gain may be a motive, the attackers in some cases (e.g., UPenn) cited political grievances, accusing institutions of being 'elitist' or misusing affirmative action policies. Harvard’s response included terminating the attacker’s access, launching an investigation with third-party cybersecurity experts and law enforcement, and setting up a dedicated website for updates. The full scope of compromised data remains unclear, but the breach exposes sensitive personal records of a broad university-affiliated population.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for HAA ??
What was HAA's A.I Rankiteo Cyber Score in June 2026 ??
What was HAA's A.I Rankiteo Cyber Score in May 2026 ??
What was HAA's A.I Rankiteo Cyber Score in April 2026 ??
What was HAA's A.I Rankiteo Cyber Score in March 2026 ??
What was HAA's A.I Rankiteo Cyber Score in February 2026 ??
What was HAA's A.I Rankiteo Cyber Score in January 2026 ??
What was HAA's A.I Rankiteo Cyber Score in December 2025 ??
What was HAA's A.I Rankiteo Cyber Score in November 2025 ??
What was HAA's A.I Rankiteo Cyber Score in October 2025 ??
What was HAA's A.I Rankiteo Cyber Score in September 2025 ??
What was HAA's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on HAA's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with HAA ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view HAA's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?