University of Phoenix breach exposes millions in major Oracle attack
The Oracle zero-day flaw enabled a large-scale breach at the University of Phoenix, adding to a growing list of US universities targeted by sophisticated cyber extortion groups.
Almost 3.5 million students, staff and suppliers linked to the University of Phoenix have been affected by a data breach tied to a sophisticated cyber extortion campaign. The incident followed unauthorised access to internal systems, exposing highly sensitive personal and financial information.
Investigations indicate attackers exploited a zero-day vulnerability in Oracle E-Business Suite, a widely used enterprise financial application. The breach surfaced publicly after the Clop ransomware group listed the university on its leak site, prompting internal reviews and regulatory disclosures.
Compromised data includes names, contact details, dates of birth, social security numbers and banking information. University officials have confirmed that affected individuals are being notified, while filings with US regulators outline the scale and nature of the incident.
The attack forms part of a broader wave of intrusions targeting American universities and organisations using Oracle platforms. As authorities offer rewards for intelligence on Clop’s operations, the breach highlights growing risks facing educational institutions operating complex digital infrastructures.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!