Nearly 3.5 million students, staff, and suppliers linked to the University of Phoenix have had their personal data stolen in a major cyberattack.
The breach occurred after hackers exploited a previously unknown security flaw in Oracle’s E-Business Suite financial software. The University of Phoenix detected the intrusion on November 21, shortly after the Clop ransomware gang listed the school on its data leak website.
According to the university, the stolen data includes names, contact details, dates of birth, Social Security numbers, and banking information belonging to current and former students, faculty members, employees, and suppliers.
This week, the school revealed in official notification letters submitted to the Maine Attorney General that exactly 3,489,274 individuals were affected. Impacted users are being offered free identity protection services, including credit monitoring, identity theft recovery, dark web monitoring, and a $1 million fraud reimbursement policy.
While the university has not formally named the attackers, the breach closely matches Clop’s ongoing extortion campaign. Since August, the group has been exploiting a zero-day vulnerability in Oracle E-Business Suite, tracked as CVE-2025-61882, to steal sensitive data from organizations worldwide.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
