Bleeping Computer reports:
A hacker has taken responsibility for last week’s University of Pennsylvania “We got hacked” email incident, saying it was a far more extensive breach that exposed data on 1.2 million donors and internal documents.
On Friday, University of Pennsylvania alumni and students began receiving multiple offensive emails from Penn.edu addresses claiming the university had been hacked and data stolen.
“The University of Pennsylvania is a dog**** elitist institution full of woke retards. We have terrible security practices and are completely unmeritocratic,” reads the email sent to Penn alumni and students.
The Data Breach Times had delayed publishing the university’s initial denial of any hack because we suspected it was inaccurate. As we anticipated, the hacker responded to the university’s denial by starting to dump data. Bleeping Computer reports the attack was much more than just sending a vulgar email:
However, the threat actor behind the attack contacted BleepingComputer, claiming the intrusion was far broader and that they had gained access to multiple university systems.
The hacker said their group “gained full access” to an employee’s PennKey SSO account, allowing access to Penn’s VPN, Salesforce data, Qlik analytics platform, SAP business intelligence system, and SharePoint files.
Read more at Bleeping Computer.