By @SiliconANGLE
Publication Date: 2025-12-22 23:43:00
The University of Phoenix has confirmed a major data breach affecting nearly 3.5 million current and former students, employees, faculty and vendors, following an attack by the Clop ransomware group in November.
Clop is a prolific cybercrime group known for large-scale data extortion attacks that focus on exploiting “zero-day,” or not yet patched, vulnerabilities in widely used enterprise software to steal sensitive data rather than encrypt systems.
The breach was first discovered on November 21, but only after Clop listed the University of Phoenix on its dark web leak site. According to a report Further investigation by Bleeping Computer today revealed that the attackers gained unauthorized access in August 2025. They exploited a previously unknown vulnerability in Oracle Corp.’s E-Business Suite. to laterally penetrate systems containing personal and financial data.
The vulnerability exploited by Clop was publicly described for the first time Beginning of November when it was announced that…
