The College of Phoenix (UoPX) has joined a rising listing of U.S. universities breached in a Clop knowledge theft marketing campaign focusing on susceptible Oracle E-Enterprise Suite cases in August 2025.
Based in 1976 and headquartered in Phoenix, Arizona, UoPX is a non-public for-profit college with almost 3,000 tutorial employees and over 100,000 enrolled college students.
The college disclosed the data breach on its official web site on Tuesday, whereas its father or mother firm, Phoenix Schooling Companions, filed an 8-Okay type with the U.S. Securities and Trade Fee (SEC).
UoPX mentioned it detected the incident on November 21 (after the extortion group added it to its knowledge leak web site) and famous that the attackers exploited a zero-day vulnerability within the Oracle E-Enterprise Suite (EBS) monetary software to steal a variety of delicate private and monetary info belonging to college students, employees, and suppliers.
“We consider that the unauthorized third-party obtained sure private info, together with names and speak to info, dates of delivery, social security numbers, and checking account and routing numbers with respect to quite a few present and former college students, staff, school and suppliers was accessed with out authorization,” the college mentioned.
“We proceed to assessment the impacted knowledge and can present the required notifications to affected people and regulatory entities. Affected people will quickly obtain a letter by way of US Mail outlining the small print of the incident and subsequent steps to take.”
A spokesperson for the College of Phoenix did not reply when BleepingComputer reached out at this time to request extra particulars in regards to the breach, together with the identification of the attackers and the whole variety of people affected.
Though the UoPX has but to attribute the incident to a selected cybercrime group, primarily based on the small print shared thus far, the breach is a part of a Clop ransomware gang extortion marketing campaign during which the gang has exploited a zero-day flaw (CVE-2025-61882) to steal delicate paperwork from many victims’ Oracle EBS platforms since early August 2025.
As a part of the identical sequence of information theft assaults, Clop has additionally focused different universities in america, together with Harvard College and the College of Pennsylvania, which have additionally confirmed Oracle EBS breaches impacting their college students and employees.
The extortion group additionally compromised the Oracle EBS cases of dozens of corporations worldwide, together with GlobalLogic, Logitech, The Washington Publish, and the American Airways subsidiary Envoy Air, and leaked the stolen knowledge on its darkish website.
Previously, Clop was additionally behind knowledge theft campaigns focusing on GoAnywhere MFT, Accellion FTA, Cleo, and MOVEit Switch prospects, the latter affecting greater than 2,770 organizations.
Since late October, the methods of a number of U.S. universities have additionally been breached in a sequence of voice phishing assaults, with Harvard College, College of Pennsylvania, and Princeton College disclosing that the attackers breached methods used for growth and alumni actions to steal the private info of donors, employees, college students, alumni, and college.
Damaged IAM is not simply an IT drawback – the impression ripples throughout your complete enterprise.
This sensible information covers why conventional IAM practices fail to maintain up with fashionable calls for, examples of what “good” IAM appears like, and a easy guidelines for constructing a scalable technique.
