By @SiliconANGLE
Publication Date: 2025-12-22 23:43:00
The University of Phoenix has confirmed a major data breach affecting nearly 3.5 million current and former students, employees, faculty and vendors, following an attack by the Clop ransomware group in November.
Clop is a prolific cybercrime group known for large-scale data extortion attacks that focus on exploiting zero-day vulnerabilities in widely used enterprise software to steal sensitive data rather than encrypt systems.
The breach was first discovered on November 21, but only after Clop listed the University of Phoenix on its dark web leak site. Accordingly Further investigation by Bleeping Computer revealed that the attackers gained unauthorized access in August 2025 and exploited a previously unknown vulnerability in Oracle Corp.’s E-Business Suite. exploited to laterally break into systems containing personal and financial information.
What is noteworthy is that the vulnerability exploited by Clop was publicly described for the first time Beginning of November when it was reported that hackers linked to Clop…
