Harvard Detects Network Intrusion, Recommends Password Changes

Harvard Information Security recently discovered an intrusion into its network, according to University Chief Information Officer Anne H. Margulies.

Margulies wrote in an email to members of the Faculty of Arts and Sciences Monday that some users’ passwords for HarvardKey, the University’s new online login system that rolled out last academic year, may have been exposed. The intrusion took place specifically within the FAS portion of the network, according to Harvard University Information Technology spokesperson Kevin Donovan.

Margulies recommended that users change their HarvardKey passwords and enable a “two-step verification” process for logging in to Harvard’s online services, by which users confirm the authenticity of a login attempt using a device such as a mobile phone or tablet.

Harvard College students were required to sign up for HarvardKey by June 1 in order to access certain online resources, including Microsoft Office 365. College faculty and staff were required to sign up by April 20.

HUIT is continuing to investigate the incident, according to Donovan.

—Staff writer Brian P. Yu can be reached at brian.yu@thecrimson.com. Follow him on Twitter @brianyu28.