University of Phoenix data breach affects 3.5 million amid Clop ransomware attack

The University of Phoenix has confirmed a significant data breach impacting nearly 3.5 million current and former students, employees, faculty, and suppliers. The incident, which occurred in November, is attributed to the Clop ransomware group, as reported by Silicon Angle.

The Clop ransomware group exploited a previously unknown vulnerability in Oracle Corp.'s E-Business Suite, gaining unauthorized access in August 2025. This allowed them to steal sensitive data, including full names, contact details, dates of birth, Social Security numbers, and bank account information. Clop is known for large-scale data-extortion attacks, often targeting zero-day vulnerabilities in enterprise software. This breach is notable as one of the largest in 2025, affecting a substantial number of individuals and highlighting the risks associated with third-party software vulnerabilities.

The University of Phoenix is offering affected individuals 12 months of free identity protection services. The attack also emphasizes the broader threat landscape where ransomware groups increasingly target supply chain vulnerabilities, requiring proactive threat hunting and network segmentation to mitigate future risks.

Source: Silicon Angle