The Clop ransomware gang compromised the University of Phoenixβs network, stealing personal and financial data of nearly 3.5 million individuals using a zero-day vulnerability in Oracle E-Business Suite. This attack is part of a larger campaign affecting multiple U.S. universities and highlights the dangers of zero-day exploits in critical systems. #Clop #OracleEBS #UniversityofthePhoenix #DataBreach
Keypoints
- The Clop ransomware gang targeted the University of Phoenix in August, stealing data of over 3.4 million individuals.
- The breach exploited a zero-day vulnerability (CVE-2025-61882) in the Oracle E-Business Suite financial application.
- Data accessed included names, contact details, social security numbers, and bank information of students, staff, and suppliers.
- Several other U.S. universities, including Harvard, the University of Pennsylvania, and Princeton, have also been affected by similar attacks.
- UoPX is offering free identity protection services and increased monitoring to affected individuals following the breach.