Princeton database compromised in cyberattack

According to post to the university’s blog over the weekend, a cyberattack on Nov. 10 compromised a Princeton University database.

The news, first reported by Bleeping Computer, was initiated through a phishing attack against university employees. The compromised data reportedly included biographical information related to university fundraising and alumni engagement activities, including names, email addresses, telephone numbers and home and business addresses.

“The database that was compromised does not generally contain Social Security numbers, passwords, or financial information such as credit card or bank account numbers,” read a statement provided by university Chief Information Officer Daren Hubbard and Kevin Heaney, vice president for advancement.

An informational webpage last updated on Tuesday explains that the university still doesn’t know, though, exactly which information was extracted. The university said it will be unable to contact all of those whose information was compromised.

“There are some people whose information is potentially affected for whom we do not have an email address. In addition, some emails may be rejected by recipients’ email services or directed to spam folders,” the page reads.

The university has said that the attack is not believed to be politically motivated. Other recent university cyberattacks have been politically motivated, such as one against the University of Pennsylvania in October in which the attackers left a vulgar message mentioning “unqualified affirmative action admits.”