The hacker behind University of Pennsylvania's massive data breach just revealed their real motive wasn't anti-DEI activism – it was cold, hard cash. Speaking exclusively to The Verge, the perpetrator claims they're sitting on 1.2 million lines of stolen donor data they plan to sell before going public. This isn't your typical hacktivist operation.
The hacker behind last week's devastating University of Pennsylvania breach just shattered assumptions about their motives. In exclusive Signal messages to The Verge, they revealed this wasn't ideological warfare – it was a straight-up heist targeting ultra-wealthy donor databases.
"Our main goal was to get the wealthy donor database," the hacker told reporters via encrypted messaging. That inflammatory email about hiring "morons" and "unqualified affirmative action admits"? Just "a fun rant" sent after they'd already stolen what they came for, according to the perpetrator.
The timing couldn't be more damaging for Penn. The breach exposed internal talking points about former president Liz Magill's congressional testimony – the same appearance that led to her resignation after fumbling questions about antisemitic speech on campus. Now those private strategy documents are circulating on underground forums.
But it's the donor data that represents the real prize. Samples verified by The Verge contain emails, phone numbers, home addresses, donation histories, and even religious affiliations of Penn's wealthiest supporters. The hacker claims their database reaches back decades, showing birthdates from the 1920s and marking deceased donors.
Among the high-profile victims: former President Joe Biden and multiple family members, all listed in what appears to be Penn's comprehensive donor tracking system. The hacker specifically targeted "UHNWIs" – ultra-high-net-worth individuals – explaining that universities with massive endowments were natural hunting grounds.
"We selected Penn because it was an easy target with a fairly weak authentication system," they admitted. The confession points to fundamental security failures at an institution managing billions in donations and handling sensitive alumni data.
Zack Ganot, CEO of DataBreach.com, confirmed the legitimacy after reviewing samples: "The samples leave little room for doubt: this was no email spoof. They reflect genuine access to internal, confidential Penn materials, including recently created files."
The financial motive sets this breach apart from recent university hacks. A separate attacker recently claimed responsibility for breaches at Columbia, NYU, University of Minnesota, and other schools, allegedly to expose continued affirmative action practices post-Supreme Court ruling. That hacker, described by Bloomberg as "violently racist," has connections to neo-monarchist Curtis Yarvin, a friend of Vice President JD Vance.
The Penn hacker explicitly distanced themselves from those ideological attacks. "A lot of the reporting has framed this as primarily 'anti-DEI' motivated," they explained, "but neither of those two things was the reason we targeted them."
Instead, they're treating this like a business. About 1.2 million lines of data will be kept private and sold to interested buyers before any public release. Some documents have already appeared on Leakforum, suggesting the monetization has begun.
University communications confirmed they're still investigating the breach and have reported it to the FBI. But for thousands of donors whose personal information is now commodity on dark web markets, that investigation feels like closing the barn door after the horses have bolted.
The breach exposes how universities have become attractive targets for financially motivated hackers. With massive endowments, wealthy donor networks, and often outdated security infrastructure, they're sitting ducks for cybercriminals seeking high-value personal data.
What makes this particularly concerning is the hacker's casual approach to the stolen information. They're not trying to make political statements or expose institutional hypocrisy. They just want to get paid. That mercenary mindset suggests we'll see more universities targeted as criminal enterprises realize how much money sits in those donor databases.
This breach represents a new threat model for higher education institutions. While previous university hacks were ideologically driven, the Penn incident shows cybercriminals now view donor databases as lucrative targets. With 1.2 million data points up for sale and the FBI investigating, this case will likely become a watershed moment for university cybersecurity. The bigger question isn't just how Penn failed to protect this information, but how many other schools are sitting on similar treasure troves with equally weak defenses.
