A company spokesperson confirmed that an employee was “socially engineered,” which allowed a threat actor to access the account and download a limited number of files.
According to the alleged leak details, the hacking group ShinyHunters claims it obtained approximately 2.5 GB of data. The group further stated that the files were published after a ransom demand was refused. TechCrunch reported reviewing samples of the leaked data, which allegedly include names, addresses, dates of birth, and phone numbers.
Reports also suggest this incident may be part of a broader campaign targeting Okta SSO users. Other institutions, including Harvard and the University of Pennsylvania, have been cited as potential victims.
In response, the company said it quickly blocked the unauthorized activity, engaged an external forensic investigation firm, began notifying impacted individuals, and is offering complimentary credit monitoring services.