The Clop ransomware gang has stolen the info of almost 3.5 million College of Phoenix (UoPX) college students, employees, and suppliers after breaching the college’s community in August.
Headquartered in Phoenix, Arizona, UoPX is a non-public for-profit college based in 1976 with over 100,000 enrolled college students and almost 3,000 educational employees.
In early December, the college disclosed the incident on its official web site, and Phoenix Schooling Companions, its mother or father firm, filed an 8-Ok with the U.S. Securities and Change Fee (SEC).
UoPX mentioned it detected the breach on November 21 (after Clop added it to its information leak web site), noting that the attackers exploited a zero-day vulnerability within the Oracle E-Enterprise Suite (EBS) monetary software to steal delicate private and monetary info belonging to employees, suppliers, and present and former college students.
“We imagine that the unauthorized third-party obtained sure private info, together with names and phone info, dates of beginning, social security numbers, and checking account and routing numbers with respect to quite a few present and former college students, workers, school and suppliers was accessed with out authorization,” the varsity acknowledged.
Andrea Smiley, the college’s Vice President for Public Relations, instructed BleepingComputer on the time that UoPX was “reviewing the impacted information and can present the required notifications to affected people and regulatory entities.”
On Monday, the varsity revealed in notification letters filed with the workplace of Maine’s Lawyer Common and mailed to these whose information have been stolen within the assault that the data breach impacts 3,489,274 people.
UoPX now presents free id safety companies, together with a $1 million fraud reimbursement coverage, 12 months of credit score monitoring, id theft restoration, and darkish internet monitoring.
Whereas the varsity has but to attribute the breach, based mostly on the small print shared up to now, the assault is a part of a Clop extortion marketing campaign wherein the ransomware gang exploited a zero-day flaw (CVE-2025-61882) since early August 2025 to steal information from many victims’ Oracle EBS platforms.
Clop has additionally focused different U.S. universities in the identical sequence of knowledge theft assaults, together with Harvard College and the College of Pennsylvania, which additionally confirmed Oracle EBS breaches impacting their employees and college students.
Clop has been behind a number of information theft campaigns prior to now, focusing on GoAnywhere MFT, Accellion FTA, MOVEit Switch, Cleo, and, most not too long ago, Gladinet CentreStack prospects.
The U.S. Division of State now presents a $10 million reward for info linking the cybercrime gang’s assaults to a overseas authorities.
Since late October, a number of different U.S. universities have additionally been breached in voice phishing assaults, with Harvard College, the College of Pennsylvania, and Princeton College disclosing that techniques used for growth and alumni actions have been compromised to steal the private info of donors, college students, alumni, employees, and college.
Damaged IAM is not simply an IT downside – the impression ripples throughout your complete enterprise.
This sensible information covers why conventional IAM practices fail to maintain up with fashionable calls for, examples of what “good” IAM appears like, and a easy guidelines for constructing a scalable technique.
