
University of Pennsylvania Breach
Oct 3, 2025
651,409 rows
What happened in the University of Pennsylvania Breach?
DataBreach.com Team · February 4th 2026, 7:00 pm EST
The University of Pennsylvania breach, detected on October 31, 2025, was a sophisticated intrusion attributed to ShinyHunters (Scattered Lapsus$ Hunters). The attackers gained access by compromising a PennKey SSO account, allowing them to move laterally through systems like Salesforce and SharePoint. Before the full data dump, the group gained notoriety by weaponizing Penn's internal tools to send offensive mass emails to over 700,000 students and alumni, turning a standard theft into a public relations nightmare.
The exfiltrated data is highly granular, containing 3,062,299 full names, 2,814,987 street addresses, 1,858,436 dates of birth, 643,833 phone numbers, and 623,964 emails. Most critically, the leak exposed donation amounts and internal dossiers on "Ultra High Net Worth" donors, including high-profile alumni like the Trump family. These files contained sensitive internal commentary and "wealth band" assessments, providing a roadmap for future social engineering attacks against the university's donor base.










