Dear Members of the Harvard Community:
Harvard Information Security recently detected an intrusion on the Harvard network. The intrusion was discovered quickly as a result of improved monitoring deployed in the last year, and unauthorized access was immediately removed.
While not believed to be the intended target of the attack, your HarvardKey password may have been exposed. The University strongly recommends that you take the following actions:
Change your HarvardKey password: As soon as possible, change your HarvardKey password and update all devices synced to your Harvard account—including tablets and mobile phones—with your new password. Instructions on how to change your HarvardKey password are available at http://reference.iam.harvard.edu/recover-reset-password.
Enable two-step verification on HarvardKey: Turning on two-step verification is one of the simplest and most effective ways to keep your HarvardKey login secure. Instructions on how to enable two-step verification are available at http://reference.iam.harvard.edu/faq/how-do-i-set-two-step-verification.
This message is intended for members of the Faculty of Arts and Sciences, including recent graduates and affiliates. Not all Schools and units are affected by this incident. If you would like any assistance, please contact the HUIT Service Desk at firstname.lastname@example.org or 617-495-7777.
The security team continues to closely monitor the Harvard network for any further suspicious activity, and is working with federal law enforcement to investigate this incident. Additional information, including FAQs, is available on the Harvard Information Security website at security.harvard.edu/cyber-alert.
Anne H. Margulies
Vice President and University Chief Information Officer