University of Pennsylvania officials reported a fraudulent email campaign that sent crude, profanity-laced messages from an account tied to the Graduate School of Education to students, alumni and applicants. The university said core systems appear secure but launched an incident response and is investigating whether any systems or data were compromised. The episode arrives as EDUCAUSE’s 2026 Top 10 frames cybersecurity as a campus-wide responsibility, urging institutions to make collaborative security culture a strategic priority. EDUCAUSE leaders emphasized that security must be integrated across administration, faculty and IT operations to protect students, research data and institutional reputation.