Harvard University, the alma mater of more US presidents than any other educational institution, slipped out a "Cyber Alert" on Wednesday afternoon confessing it had been pwned.
The announcement revealed that an intrusion into its networks had taken place on 19 June, possibly exposing users' login credentials.
The statement claims Harvard has "no indication that personal data, research data, or PIN System credentials have been exposed."
In order to "further secure" its community's data, the university has urged members of eight affected faculties and departments to change their passwords.
The announcement states that "password changes will be required again at a later time as the university takes further steps to enhance security."
An FAQ explained Harvard's response to the intrusion, claiming the university didn't tell anyone about the hack at the time because it wanted to be sure that "notification would not jeopardise our efforts to secure systems and limit damage from the intrusion, potentially making the situation much more difficult to resolve."
Members of the Harvard Business School, Harvard Kennedy School, Harvard Law School, Harvard Medical School and Harvard School of Dental Medicine have all been told they do not need to take any action.
Additionally, the announcement encouraged users to "update all devices synced to your Harvard account, including desktops, laptops, tablets, and mobile phones, with your new password."
"Since discovering this intrusion, the university said, "Harvard has implemented enhanced security measures to protect university data and systems. In addition, we notified federal law enforcement and engaged an external cybersecurity firm to conduct a thorough forensic investigation, which is currently underway." ®