
The University of Pennsylvania is one of the oldest universities in America and, as a member of the Ivy League, one of the most prestigious institutions of higher learning in all the world. Penn is home to 12 schools including the School of Arts and Sciences, the School of Nursing, the School of Engineering and Applied Science and the Wharton School of Business, as well as several graduate and professional schools such as the Perelman School of Medicine.

University of Pennsylvania (UP) A.I. CyberSecurity Scoring

Company Details

LinkedIn ID: university-of-pennsylvania
Employees number: 21,994
Number of followers: 528,362
NAICS: 6113
Industry Type: Higher Education
Homepage: upenn.edu
IP Addresses: 1047
Company ID: UNI_5783928
Scan Status: Completed

UP Risk Score (AI oriented): Between 700 and 749
  • Powered by our proprietary A.I. cyber incident model
  • Insurers prefer the TPRM score to calculate premiums

UP Global Score (TPRM): XXXX

UP Company CyberSecurity News & History

Past Incidents: 1
Attack Types: 1

Entity: University of Pennsylvania (Penn)
Type: Breach
Severity: 85
Impact: 4
Seen: 5/2025
Rankiteo Explanation: Attack with significant impact with customers data leaks

Description: The University of Pennsylvania (Penn) suffered a cybersecurity breach in which an unauthorized individual infiltrated its network and potentially exfiltrated personally identifiable information (PII) of over **one million donors**. The compromised data includes **donation histories, donor net worth, and demographic details**, though the full scope of misuse remains under investigation. The incident has prompted a class-action investigation by **Lynch Carpenter, LLP**, a national law firm specializing in data privacy litigation, suggesting significant legal and reputational risks for Penn. Affected individuals may be eligible for compensation, indicating potential financial liabilities for the institution. The breach underscores vulnerabilities in Penn’s cybersecurity defenses, particularly in safeguarding high-value donor data, which could erode trust among stakeholders and donors. The long-term impact may include regulatory scrutiny, operational disruptions, and costs associated with remediation, notification, and legal settlements.


UP Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months: Incident predictions locked (Access Monitoring Plan)

A.I. Risk Score Likelihood 3 - 6 - 9 months: A.I. Risk Score predictions locked (Access Monitoring Plan)

Underwriter Stats for UP

Incidents vs Higher Education Industry Average (This Year)

University of Pennsylvania has 38.89% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs All-Companies Average (This Year)

University of Pennsylvania has 56.25% more incidents than the average of all companies with at least one recorded incident.

Incident Types UP vs Higher Education Industry Avg (This Year)

University of Pennsylvania reported 1 incident this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breach, compared to industry peers with at least 1 incident.

Incident History — UP (X = Date, Y = Severity)

UP cyber incidents detection timeline including parent company and subsidiaries

UP Company Subsidiaries

None recorded.

UP Similar Companies

University of Pretoria

The University of Pretoria is a multi-faculty research-intensive university that has remained among the top South African universities in research output and impact. UP is also the top producer of graduates in the country. With campuses in Pretoria and its surrounds, as well as in the country’s econ

Boston University School of Public Health

Ranked in the top 10 schools and programs of public health in the world by US News and World Report, Boston University School of Public Health provides the opportunity to engage in world-renowned research, scholarship, social justice, and public health practice. Founded in 1976, BUSPH offers master

Louisiana State University

LSU is the flagship institution of Louisiana and is one of only 30 universities nationwide holding land-grant, sea-grant and space-grant status. Since 1860, LSU has served its region, the nation, and the world through extensive, multipurpose programs encompassing instruction, research, and public

Harvard University

Harvard University is devoted to excellence in teaching, learning, and research, and to developing leaders in many disciplines who make a difference globally. Founded in 1636, Harvard is the oldest institution of higher learning in the United States. The official flagship Harvard social media chann

The University of Manchester

The University of Manchester is part of the prestigious Russell Group of universities and highly respected across the globe as a centre of teaching excellence and research innovation and discovery. With 25 Nobel Prize winners among our current and former staff and students, we have a history of wor

University of Connecticut

The University of Connecticut (UConn), a Wall Street Journal top 10 public university, is home to more than 32,000 students, 1,500 faculty, 255,000 proud alumni, and a handsome husky named Jonathan. The University has fourteen schools and colleges: Agriculture and Natural Resources, Business, Denta

University of California, San Francisco

UC San Francisco is driven by the idea that when the best research, the best education and the best patient care converge, great breakthroughs are achieved. We pursue this integrated excellence with singular focus, fueled by collaboration among our top-ranked professional and graduate schools, medic

Monash University

Monash University is Australia’s largest and most international university. Its extensive educational offering, delivered via our 10 faculties, includes undergraduate, postgraduate and research courses. Monash is a research-intensive university, known for some significant and lasting discoveries tha

UC Irvine

Since 1965, the University of California, Irvine has combined the strengths of a major research university with the bounty of an incomparable Southern California location. As a U.S. News & World Report top 10 public university, UCI’s unyielding commitment to rigorous academics, cutting-edge research


UP CyberSecurity News

November 21, 2025 05:42 AM
Penn institutes mandatory information security training for all employees following data breach

Following last month's cybersecurity breach, Penn implemented a new mandatory information security training for all faculty and staff on...

November 20, 2025 08:01 AM
Why Hackers Are Targeting the Ivy League

Recent cyberattacks at prominent institutions show how vulnerable higher education systems are and why they struggle to defend themselves.

November 19, 2025 04:28 AM
Lawyers seek to consolidate class-action lawsuits against Penn over cybersecurity hack

The consolidated class action case would assume the name of the first plaintiff, 2014 College graduate Christopher Kelly, and include “all...

November 17, 2025 08:00 AM
University fundraising database left compromised after cybersecurity incident

Data in Princeton University's Advancement database was compromised after a phishing attack on an employee.

November 14, 2025 02:04 PM
UPenn experiences cyber attack

UPenn was subject to a data breach affecting 1.2 million records, according to the hackers who claimed responsibility.

November 12, 2025 08:00 AM
The University of Pennsylvania Data Breach: What It Reveals About Cybersecurity in Higher Education

When one of the world's most prestigious universities experiences a cyberattack, it becomes a reminder that no organization, regardless of...

November 10, 2025 08:00 AM
What Penn’s leaked internal ‘talking points’ say about recent University controversies

Among the thousands of files leaked in an Oct. 31 cybersecurity attack on Penn were several memos that appear to have been internally...

November 07, 2025 04:46 PM
University of Pennsylvania hit with lawsuits claiming negligence in protecting former students’ information during cyberattack

Former University of Pennsylvania students are suing, alleging inadequate data protection following a cyberattack. The breach, initiated by a fraudulent...

November 07, 2025 03:49 PM
Hackers invade University of Pennsylvania servers to expose wealthy donor info

Cyberattack hits University of Pennsylvania servers, exposing wealthy donor information and raising urgent concerns over data security and protection.


Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

UP CyberSecurity History Information

Official Website of University of Pennsylvania

The official website of University of Pennsylvania is http://www.upenn.edu/.

University of Pennsylvania’s AI-Generated Cybersecurity Score

According to Rankiteo, University of Pennsylvania’s AI-generated cybersecurity score is 734, reflecting their Moderate security posture.

How many security badges does University of Pennsylvania have ?

According to Rankiteo, University of Pennsylvania currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does University of Pennsylvania have SOC 2 Type 1 certification ?

According to Rankiteo, University of Pennsylvania is not certified under SOC 2 Type 1.

Does University of Pennsylvania have SOC 2 Type 2 certification ?

According to Rankiteo, University of Pennsylvania does not hold a SOC 2 Type 2 certification.

Does University of Pennsylvania comply with GDPR ?

According to Rankiteo, University of Pennsylvania is not listed as GDPR compliant.

Does University of Pennsylvania have PCI DSS certification ?

According to Rankiteo, University of Pennsylvania does not currently maintain PCI DSS compliance.

Does University of Pennsylvania comply with HIPAA ?

According to Rankiteo, University of Pennsylvania is not compliant with HIPAA regulations.

Does University of Pennsylvania have ISO 27001 certification ?

According to Rankiteo, University of Pennsylvania is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of University of Pennsylvania

University of Pennsylvania operates primarily in the Higher Education industry.

Number of Employees at University of Pennsylvania

University of Pennsylvania employs approximately 21,994 people worldwide.

Subsidiaries Owned by University of Pennsylvania

University of Pennsylvania presently has no subsidiaries across any sectors.

University of Pennsylvania’s LinkedIn Followers

University of Pennsylvania’s official LinkedIn profile has approximately 528,362 followers.

NAICS Classification of University of Pennsylvania

University of Pennsylvania is classified under the NAICS code 6113, which corresponds to Colleges, Universities, and Professional Schools.

University of Pennsylvania’s Presence on Crunchbase

No, University of Pennsylvania does not have a profile on Crunchbase.

University of Pennsylvania’s Presence on LinkedIn

Yes, University of Pennsylvania maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement; it can be accessed here: https://www.linkedin.com/company/university-of-pennsylvania.

Cybersecurity Incidents Involving University of Pennsylvania

As of November 27, 2025, Rankiteo reports that University of Pennsylvania has experienced 1 cybersecurity incidents.

Number of Peer and Competitor Companies

University of Pennsylvania has an estimated 14,032 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at University of Pennsylvania ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

How does University of Pennsylvania detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through a communication strategy of public disclosure via press release; the legal firm (Lynch Carpenter, LLP) notified affected individuals of potential claims.

Incident Details

Can you provide details on each incident ?

Incident : Data Breach

Title: University of Pennsylvania Data Breach (2025)

Description: An unauthorized person gained access to the University of Pennsylvania's (Penn) network and may have acquired records containing personally identifiable information (PII) of over one million donors, including donation history, net worth, and demographic details. Lynch Carpenter, LLP is investigating potential claims related to this breach.

Date Publicly Disclosed: 2025-11-04

Type: Data Breach

Threat Actor: Unauthorized person

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Breach.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Breach UNI1692816110425

Data Compromised: Donation history, Donor net worth, Demographic details

Brand Reputation Impact: Potential reputational damage due to exposure of sensitive donor information

Legal Liabilities: Lynch Carpenter, LLP is investigating claims for potential compensation; class action lawsuit possible

Identity Theft Risk: High (PII exposed)

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Donation History, Donor Net Worth and Demographic Details.

Which entities were affected by each incident ?

Incident : Data Breach UNI1692816110425

Entity Name: University of Pennsylvania (Penn)

Entity Type: Educational Institution

Industry: Higher Education

Location: Philadelphia, Pennsylvania, USA

Customers Affected: 1,000,000+ (donors)

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Breach UNI1692816110425

Communication Strategy: Public disclosure via press release; legal firm (Lynch Carpenter, LLP) notified affected individuals for potential claims

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Breach UNI1692816110425

Type of Data Compromised: Donation history, Donor net worth, Demographic details

Number of Records Exposed: 1,000,000+

Sensitivity of Data: High (PII, financial details)

Data Exfiltration: Possible (unauthorized access and acquisition of records)

Regulatory Compliance

Were there any regulatory violations and fines imposed for each incident ?

Incident : Data Breach UNI1692816110425

Legal Actions: Potential class action lawsuit (under investigation by Lynch Carpenter, LLP)

How does the company ensure compliance with regulatory requirements ?

Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Potential class action lawsuit (under investigation by Lynch Carpenter, LLP).

References

Where can I find more information about each incident ?

Incident : Data Breach UNI1692816110425

Source: GlobeNewswire Press Release

Date Accessed: 2025-11-04

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Source: GlobeNewswire Press Release (Date Accessed: 2025-11-04).

Investigation Status

What is the current status of the investigation for each incident ?

Incident : Data Breach UNI1692816110425

Investigation Status: Ongoing (Lynch Carpenter, LLP investigating claims)

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through public disclosure via press release; the legal firm (Lynch Carpenter, LLP) notified affected individuals of potential claims.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : Data Breach UNI1692816110425

Stakeholder Advisories: Affected donors advised to contact Lynch Carpenter, LLP for legal review

Customer Advisories: Donors whose PII may have been compromised are encouraged to seek legal consultation via Lynch Carpenter, LLP

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: affected donors were advised to contact Lynch Carpenter, LLP for legal review, and donors whose PII may have been compromised are encouraged to seek legal consultation via Lynch Carpenter, LLP.

Initial Access Broker

How did the initial access broker gain entry for each incident ?

Incident : Data Breach UNI1692816110425

High Value Targets: Donor Records, Financial Details

Data Sold on Dark Web: Donor Records, Financial Details

Additional Questions

General Information

Who was the attacking group in the last incident ?

Last Attacking Group: The attacking group in the last incident was an unauthorized person.

Incident Details

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-11-04.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were donation history, donor net worth and demographic details.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were donor net worth, demographic details and donation history.

What was the number of records exposed in the most significant breach ?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 1.0M.

Regulatory Compliance

What was the most significant legal action taken for a regulatory violation ?

Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Potential class action lawsuit (under investigation by Lynch Carpenter, LLP).

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent source of information about an incident is GlobeNewswire Press Release.

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (Lynch Carpenter, LLP investigating claims).

Stakeholder and Customer Advisories

What was the most recent stakeholder advisory issued ?

Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was that affected donors were advised to contact Lynch Carpenter, LLP for legal review.

What was the most recent customer advisory issued ?

Most Recent Customer Advisory: The most recent customer advisory issued was that donors whose PII may have been compromised are encouraged to seek legal consultation via Lynch Carpenter, LLP.


Latest Global CVEs (Not Company-Specific)

Description

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
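The same-origin check the advisory describes, as an added illustration written for this page rather than Angular's HttpClient code. The function names, the page origin app.example.test, the dummy token and the sample URLs are all constructed. The flawed variant looks only for an explicit scheme prefix; the hardened variant resolves the URL against the page origin with the WHATWG URL parser, and it goes one step beyond the advisory by also catching the backslash form (\\host), which browsers parse like //host for http(s) URLs.

```javascript
// Added example (not Angular's code): models the origin check that decides
// whether an anti-XSRF token is attached to an outgoing request, in a
// scheme-prefix form that misses protocol-relative URLs and in a form that
// resolves the URL against the page origin. Names and sample URLs are
// constructed for this illustration.

// Flawed variant: only an explicit http:// or https:// prefix counts as
// cross-origin, so "//evil.example.test/..." and "\\evil.example.test/..."
// look same-origin and receive the token.
function isCrossOriginNaive(url) {
  return /^https?:\/\//i.test(url);
}

// Hardened variant: resolve with the WHATWG URL parser against the page's
// own origin and compare origins. Protocol-relative and backslash forms
// resolve to the foreign host; a plain path resolves to baseOrigin.
function isCrossOriginStrict(url, baseOrigin) {
  let resolved;
  try {
    resolved = new URL(url, baseOrigin);
  } catch (err) {
    return true; // unparsable input: never attach the token
  }
  return resolved.origin !== new URL(baseOrigin).origin;
}

// Build the header set for a request, attaching the token only when the
// supplied check says the target is same-origin.
function buildHeaders(url, baseOrigin, xsrfToken, isCrossOrigin) {
  const headers = {};
  if (!isCrossOrigin(url, baseOrigin)) {
    headers['X-XSRF-TOKEN'] = xsrfToken;
  }
  return headers;
}

// Constructed inputs: a page origin, a dummy token, and request URLs of the
// kinds discussed in the advisory.
const BASE_ORIGIN = 'https://app.example.test';
const XSRF_TOKEN = 'constructed-token-0001';
const REQUEST_URLS = [
  '/api/profile',                          // relative path (same-origin)
  'https://app.example.test/api/profile',  // absolute, same host
  '//evil.example.test/collect',           // protocol-relative, foreign host
  '\\\\evil.example.test/collect',         // backslash form, also foreign
  'https://evil.example.test/collect',     // absolute, foreign host
];

// Report, per URL, whether the token would be sent under a given check.
function tokenExposureReport(isCrossOrigin) {
  return REQUEST_URLS.map((url) => ({
    url,
    tokenSent: 'X-XSRF-TOKEN' in buildHeaders(url, BASE_ORIGIN, XSRF_TOKEN, isCrossOrigin),
  }));
}

// URLs for which the token would be sent to a foreign origin under a check.
function leakingUrls(isCrossOrigin) {
  return tokenExposureReport(isCrossOrigin)
    .filter((r) => r.tokenSent && new URL(r.url, BASE_ORIGIN).origin !== BASE_ORIGIN)
    .map((r) => r.url);
}

console.log('naive check leaks to:', leakingUrls(isCrossOriginNaive));
console.log('strict check leaks to:', leakingUrls(isCrossOriginStrict));
```

Note that the scheme-prefix variant also withholds the token from an absolute URL pointing at the application's own host, so the origin comparison is both safer and more precise. Resolving against the real page origin is the check a reviewer should expect in any client that attaches credentials by "same-origin" logic.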

Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.

Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
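The truncation class described above, as an added example written for this page; it is not node-forge's code. The byte strings are constructed: id-ce-subjectAltName (2.5.29.17) and a crafted OID whose last arc is 2^32 + 17. A decoder that accumulates base-128 digits with JavaScript's 32-bit bitwise operators reads the crafted arc back as 17, so the two OIDs collide; the checked decoder bounds the arc size with BigInt arithmetic and rejects the input.

```javascript
// Added example (not node-forge's code): decodes the arcs of a DER-encoded
// OBJECT IDENTIFIER in two ways, to show how 32-bit bitwise accumulation
// lets an oversized arc collide with a small, trusted one. Sample byte
// strings are constructed for this illustration.

// Split the first content byte into the first two arcs. Simplification:
// assumes a single-byte first subidentifier (true for arcs below 2.48).
function leadingArcs(firstByte) {
  return firstByte < 80 ? [Math.floor(firstByte / 40), firstByte % 40] : [2, firstByte - 80];
}

// Flawed decoder: "<<" and "|" operate on 32-bit integers in JavaScript,
// so an arc needing more than 32 bits silently wraps around.
function decodeOidNaive(bytes) {
  const arcs = leadingArcs(bytes[0]);
  let value = 0;
  for (let i = 1; i < bytes.length; i++) {
    value = (value << 7) | (bytes[i] & 0x7f);
    if ((bytes[i] & 0x80) === 0) {
      arcs.push(value);
      value = 0;
    }
  }
  return arcs.join('.');
}

// Checked decoder: accumulates in BigInt, rejects arcs above a size bound,
// a dangling continuation bit, and non-minimal (leading 0x80) encodings.
function decodeOidChecked(bytes, maxArcBits = 32) {
  const limit = 1n << BigInt(maxArcBits);
  const arcs = leadingArcs(bytes[0]);
  let value = 0n;
  let inArc = false;
  for (let i = 1; i < bytes.length; i++) {
    const b = bytes[i];
    if (!inArc && b === 0x80) throw new Error(`non-minimal arc encoding at byte ${i}`);
    value = (value << 7n) | BigInt(b & 0x7f);
    inArc = true;
    if (value >= limit) throw new Error(`arc exceeds ${maxArcBits} bits at byte ${i}`);
    if ((b & 0x80) === 0) {
      arcs.push(Number(value));
      value = 0n;
      inArc = false;
    }
  }
  if (inArc) throw new Error('truncated arc: continuation bit set on last byte');
  return arcs.join('.');
}

// Constructed samples: id-ce-subjectAltName (2.5.29.17), a crafted OID whose
// last arc is 2^32 + 17 (bytes 0x90 0x80 0x80 0x80 0x11), and the RSA
// arc 1.2.840.113549 as a multi-byte sanity check.
const OID_SAN = [0x55, 0x1d, 0x11];
const OID_CRAFTED = [0x55, 0x1d, 0x90, 0x80, 0x80, 0x80, 0x11];
const OID_RSA = [0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d];

// Run both decoders on one input; the checked decoder reports a rejection
// message instead of a value when the encoding is out of bounds.
function compareDecoders(bytes) {
  let checked = null;
  let rejection = null;
  try {
    checked = decodeOidChecked(bytes);
  } catch (err) {
    rejection = err.message;
  }
  return { naive: decodeOidNaive(bytes), checked, rejection };
}

console.log(compareDecoders(OID_SAN));
console.log(compareDecoders(OID_CRAFTED));
```

The defensive point is that any downstream decision keyed on the decoded dotted string (extension handling, algorithm selection) is only as trustworthy as the decoder's handling of oversized arcs; bounding the arc size and rejecting non-minimal or truncated encodings removes the collision.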

Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.

Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.

Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Access Data Using Our API


Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=university-of-pennsylvania' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

  • Incident
  • Finding
  • Grade
  • Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.