This story was originally produced by the Valley News. NHPR is republishing it in partnership with the Granite State News Collaborative.
More than 40,000 people in New Hampshire and Vermont may have been impacted by a data breach in a system used by Dartmouth College.
Last week, Dartmouth started mailing letters to the people whose personal information was included in data stolen over three days in early August.
During that time, an “unauthorized actor” was able to access Dartmouth College files and take data, including “one or more” files that had personal information such as names, Social Security numbers and financial account information, according to reports Dartmouth filed with the offices of the attorneys general of New Hampshire and Vermont last week.
The breach was part of a widespread attack on the Oracle eBusiness Suite, a platform Dartmouth and many other companies use to manage operations. A ransomware group has been taking credit for the attack and it has identified more than 100 companies impacted by the breach, according to reporting from SecurityWeek.
“This incident was not the result of any ‘phishing’ attack on a member of the Dartmouth community or any other action or inaction on Dartmouth’s part,” college spokesperson Jana Barnello said.
After Oracle reported the security breach in early October, Dartmouth launched an investigation “as quickly as possible” to identify the impacted data and respond, Barnello said Monday.
It “took time” to review all o
Source: https://www.nhpr.org/nh-news/2025-12-02/dartmouth-college-data-breach-exposes-personal-info
The John Sloan Dickey Center for International Understanding at Dartmouth cybersecurity rating report: https://www.rankiteo.com/company/dartmouthdickey
"id": "DAR1764699140",
"linkid": "dartmouthdickey",
"type": "Ransomware",
"date": "8/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'incident': {'affected_entities': [{'customers_affected': '40,000+',
'industry': 'Higher Education',
'location': 'Hanover, New Hampshire, USA',
'name': 'Dartmouth College',
'size': None,
'type': 'Educational Institution'}],
'attack_vector': 'Exploitation of Oracle eBusiness Suite '
'vulnerability',
'customer_advisories': 'Letters mailed to affected individuals',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'Yes',
'file_types_exposed': None,
'number_of_records_exposed': '40,000+',
'personally_identifiable_information': ['Names',
'Social '
'Security '
'Numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally '
'Identifiable '
'Information',
'Financial '
'Information']},
'date_detected': '2023-10-early',
'date_publicly_disclosed': '2023-10',
'description': 'More than 40,000 people in New Hampshire and '
'Vermont may have been impacted by a data breach '
'in a system used by Dartmouth College. An '
'unauthorized actor accessed Dartmouth College '
'files and stole data, including personal '
'information such as names, Social Security '
'numbers, and financial account information, over '
'three days in early August.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Personal information (names, '
'Social Security numbers, '
'financial account information)',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': 'High',
'revenue_loss': None,
'systems_affected': 'Oracle eBusiness Suite'},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain (ransomware)',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': 'Oracle eBusiness '
'Suite vulnerability'},
'ransomware': {'data_encryption': None,
'data_exfiltration': 'Yes',
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': None,
'source': 'Valley News (republished by NHPR)',
'url': None},
{'date_accessed': None,
'source': 'SecurityWeek',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': ['New '
'Hampshire '
'Attorney '
'General',
'Vermont '
'Attorney '
'General']},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Letters mailed to '
'affected individuals',
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'threat_actor': 'Ransomware group',
'title': 'Dartmouth College Oracle eBusiness Suite Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Oracle eBusiness Suite security '
'flaw'}}