Cyber Incident Victim: Princeton University
Date:
Mar 2016
Location:
United States of America
Summary
Public printers at Princeton University and several other institutions were targeted with unsolicited print jobs containing white supremacist imagery and messages, exploiting publicly accessible networked printers. The perpetrator, Andrew Auernheimer, claimed to have sent the flyers indiscriminately to all open printers across North America without breaching systems, leveraging universities' intentionally exposed printing infrastructure for remote access. A subsequent unrelated incident involving anti-LGBT flyers occurred at some locations. The incident highlighted vulnerabilities in printer security configurations, prompting at least one affected university to implement network traffic filtering to prevent similar unauthorized print jobs. Auernheimer, known for prior security-related controversies, operated from abroad and faced no legal repercussions due to the absence of unauthorized access.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On March 27, 2016, public networked printers at Princeton University and multiple other North American educational institutions printed unsolicited flyers containing swastikas and white-supremacist messaging. The incident was orchestrated by Andrew "Weev" Auernheimer, a hacker and internet troll who exploited publicly accessible printers connected to university networks. Auernheimer conducted a mass print job by targeting devices openly exposed to the internet, often deliberately configured to allow remote printing for faculty and students. He identified vulnerable printers through network scans of public IP address ranges rather than gaining unauthorized access to secured systems. Confirmed affected institutions included Princeton University, University of California-Berkeley, University of Massachusetts-Amherst, Brown University, Smith College, Mount Holyoke College, and Stony Brook University. Auernheimer later claimed in an interview with *The New York Times* that he had not specifically targeted universities but had sent the print jobs to all publicly accessible printers across North America. The flyers’ distribution caused immediate disruptions as staff discovered the offensive materials.
Stony Brook University’s Chief Information Security Officer, Philip Doesschate, confirmed via a March 27 email that at least one campus printer had output the flyer. The university’s IT department responded by applying filters to block similar malicious print jobs from external sources, citing insufficient printer security as the root vulnerability. A subsequent copycat incident on March 28 printed anti-LGBT flyers at Berkeley and Amherst, which Auernheimer denied orchestrating. No legal action against Auernheimer was anticipated, as his actions exploited network openness rather than breaching restricted systems. Auernheimer, previously convicted and later acquitted for the 2010 AT&T iPad email data breach, resided in Serbia during the incident and publicly acknowledged his role in the printer campaign. The event highlighted risks associated with publicly exposed networked devices in academic environments.