By Carly Page
Publication Date: 2025-12-02 17:50:00
The University of Pennsylvania has become the latest victim of Clop’s raid on Oracle’s E-Business Suite (EBS) customers. The Ivy League school has now warned more than a thousand people that their personal information had been stolen from its systems.
In a data breach notification letter filed with the Maine Attorney GeneralAccording to Penn, attackers exploited a zero-day in Oracle’s EBS – the same flaw that Clop bragged about to breach hundreds of organizations around the world – and stole data stored in the university’s platform instance, which it uses to process “vendor payments, refunds, general ledger entries, and conduct other university business.”
Penn launched an investigation, patched its systems after Oracle issued fixes, and alerted federal law enforcement. The university said it discovered on November 11 that personal information had been stolen from its systems.
Related Posts
ChristianaCare Notifies Patients of Data Breaches at Oracle Health
By Sophia Voight Publication Date: 2025-11-29 15:34:00 ChristianaCare has announced that a cybersecurity incident involving its third-party electronic medical records…
Oracle Cloud breach may impact 140,000 enterprise customers
A threat actor has reportedly breached Oracle Cloud infrastructure, exfiltrating six million sensitive authentication records and potentially endangering more than…
ITB Rewind: Oracle Hospitality on AI, Tech Silos, and the Future of Hotel Operations
At ITB, Tanya Pratt, VP of Strategy and Product Management at Oracle Hospitality, sat down with Hospitality Net’s Simone Puorto…