HARVARD.EDU
HARVARD.EDU
Group: Clop
Discovered by ransomware.live: 2025-10-27
Estimated attack date: 2025-10-27
Country:
Description:
[AI generated] Harvard.edu is the official website of Harvard University, a private Ivy League research university located in Cambridge, Massachusetts. The platform provides extensive resources about their programs, academic departments, research, libraries, museums, and campus life. It offers information on admissions, financial aid, courses, faculty, and alumni. As a globally recognized educational institution, its online presence serves students, educators, and researchers worldwide.
Compromised Employees: 335
Compromised Users: 18240
Third Party Employee Credentials: 241
External Attack Surface: 200
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
- No emails found.
- mx0b-00171101.pphosted.com.
- mx0a-00171101.pphosted.com.
- globalsign-domain-verification=5A1F4E0081852ECB9015E837384121AD
- ciscocidomainverification=41ce9827e3fbbca9ce75d5dbb5a6bc7b089dc4e239c1b56ba828216d1214480
- globalsign-domain-verification=B8359DCEFBCF837B95E2F82282E4297A
- globalsign-domain-verification=1DDF777ED1ADF45E5FFAFFAAD6774180
- adobe-idp-site-verification=66e813947c764d98330002232f383a68df8ad609065abb9482f3805dd2a1902c
- globalsign-domain-verification=dcc2e5d0d67efc32044ae679c7cf19e6
- pardot679353=3cc5e124c5020a1e160f01981f45be33a467a1c802711e0e5654184ef56d18c9
- _51a79b140kb1cu9o67nzuefyhhxthv9
- pardot378242=7001579db574e062735763ba81b54da111abc31facf16bbfa653ab6b8a770988
- xIGeuA0e5B1BOjTE4IBO806ziFX9G1m2dVJ8zO7CMkmKwZ6MEkMXC0P7n5SRCGOdS9jbceH/7gKYgD4h9FBGKA==
- google-site-verification=lY-T8NneGQX1RGXeaoBJjSmT_lx3dLRKDq1xY44ZI5w
- google-site-verification=NEWpTHNZnWRWN3trkIMeFbuPVG3ExwOXUHlC9aJ2sks
- airtable-verification=b25f432db3cbc5bfc481914364b6ce41
- atlassian-domain-verification=ASRKBXyOafZgDCRWh1Ylv34hiOSMgAIoNXs8H57rR3aTkuOD5KwJfUN9G3f7Ah/H
- google-site-verification=DzhZyP8pu0M1-RFghfTcSN-9poidboYRNdfn2Rf2hCQ
- jAykGnWytyLeBseMa8x2/MBve6/yQqana4yrAc1ROoei7uZHUkM2FU0Xx4qI/rm+kOGdImZdoq0fdodgLEw1dg==
- atlassian-domain-verification=OYfkFwspEELRW6A32BsDVWgvdz8/pLBxVcq7s/mHLBVGqRQRG58XA5LRtDAGpfA7
- smartsheet-site-validation=jfLh_IkQNJXuKKpTn7RydwiiaAOLy4CR
- google-site-verification=MmfJS0BjLRgcxrlj8kAyNdToKeAmj0fKb-lPOnd5Pmo
- MS=ms35192554
- status-page-domain-verification=b4j4g69th3vv
- atlassian-domain-verification=Z8oUd5brL6/RGUMCkxs4U0P/RyhpiNJEIVx9HXJLr3uqEQ1eDmTnj1eq1ObCgY1i
- airtable-verification=a92cef30671587a4f6deb7951c1c3f1a
- jamf-site-verification=_Bno41ta_Ef2G0krod2Oow
- pardot_378242_*=8b485d5cd9114869cff8f307da5fa9287434ebec11621d88c07ce97a7fee06e0
- globalsign-domain-verification=1C94E0FFAAE95796F597427644D90C03
- anthropic-domain-verification-gy5zhc=zmrGT2kyyc2HlnUn6f0utkQB6
- openai-domain-verification=dv-e8vYSnmmPbWxpNte1iIKgvOO
- globalsign-domain-verification=87677a19ae97bfbeec25ff1510a80420
- Peh2GHoW8uiAzwS9tTZKlGBn9cMq6Y+XUFtrqmLtqFh1WvloPkzGczPsZcSdDfin4hZ7QiL9J7SM8yr7Yyzi8w==
- google-site-verification=xqg8LPF_v_QMEIST789q8xhRDqUEX4_8lQjAvV6YykY
- pardot962443=9098884472c5cb29a2e20700b41411cb4aa5ebcf340360e71b2cd8464d8864b6
- v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all
- pardot679353=f93ea3588d69483bf48dbf587511f51d43ddadaae52b8bac6856c8428559a06d
- heroku-domain-verification=1qfmzz9vp3kexf4fr5zuliwvpieih2ffz4gexo7tlh4
- fastly-domain-delgation-vdnblsdg768nm-21052021
- google-site-verification=DZTZhbBaYJ6AO5j-tHFYBdkwryNywFh2gMUeg3SRDSg
- globalsign-domain-verification=9ff12eafbeebb02a0f2b0383aef9d1fa
- status-page-domain-verification=p83gt91wpxms
- google-site-verification=xXWxVElKH8ek_eW45CbAqVSMTQgAqLYUNQUrWpOmkrY
- globalsign-domain-verification=C44DEEAC45AB4DC2B5AD0B9B2E5D5803
- geneious.com:domain-verification=1781B6exIEsRBzJ0KzPtKg
- google-site-verification=pWvLuNePLYxAbafZw2a95vnBhvcj12DzM9NulT9ujSY
- openai-domain-verification=dv-5z82SztO32q9YBNgFooNBz5v
- airtable-verification=8b8110e9283dd87d57b3c5f2f5af2db1
Leak Screenshot:
