**University of Phoenix Hit by Massive Data Breach Affecting Millions**
In November 2025, the University of Phoenix disclosed a significant data breach impacting over 3.4 million current and former students and staff. The breach, attributed to the CL0P ransomware group, exploited a vulnerability in the university’s Oracle E-Business Suite software between August 13 and August 22, 2025, leading to the exfiltration of sensitive personal data.
Exposed information included names, dates of birth, Social Security numbers, and financial details such as bank account and routing numbers. The university reported the incident to the California and Maine Attorney Generals’ offices on December 21, 2025, and began notifying affected individuals the following day. Among those impacted were 9,131 Maine residents.
The breach has prompted legal action, with Shamis & Gentile P.A., a class-action law firm specializing in data breach cases, investigating potential compensation for victims. The university has offered free IDX identity theft protection services to those affected.
The University of Phoenix, a private for-profit institution based in Phoenix, Arizona, serves working adults through online degree programs in fields like business, healthcare, and information systems. The incident underscores the growing threat of ransomware attacks targeting educational institutions.
Source: https://www.claimdepot.com/investigations/university-of-phoenix-data-breach-2025
Oracle University cybersecurity rating report: https://www.rankiteo.com/company/oracle-university
"id": "ORA1766435444",
"linkid": "oracle-university",
"type": "Vulnerability",
"date": "11/2025",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'customers_affected': '3,489,274',
'industry': 'Higher Education',
'location': 'Phoenix, Arizona, USA',
'name': 'University of Phoenix',
'size': 'Large',
'type': 'Educational Institution'}],
'attack_vector': 'Exploitation of software vulnerability',
'customer_advisories': 'Affected individuals notified via written notice on '
'Dec. 22, 2025',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '3,489,274',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Dates of birth',
'Social Security numbers',
'Bank account numbers',
'Bank routing numbers']},
'date_detected': '2025-11-21',
'date_publicly_disclosed': '2025-12-21',
'description': 'In November 2025, University of Phoenix discovered a major '
'data breach that may have affected millions of current and '
'former students and staff. A vulnerability in Oracle '
'E-Business Suite software was exploited by the CL0P '
'ransomware group between Aug. 13 and Aug. 22, 2025, resulting '
'in the exfiltration of sensitive data.',
'impact': {'data_compromised': 'Sensitive personally identifiable information',
'identity_theft_risk': 'High',
'payment_information_risk': 'High',
'systems_affected': 'Oracle E-Business Suite'},
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'CL0P'},
'recommendations': ['Sign up for free IDX identity theft protection services',
'Monitor financial statements for suspicious activity',
'Request a fraud alert or credit report from major credit '
'bureaus',
'Seek legal help to understand rights and pursue '
'compensation'],
'references': [{'source': 'Shamis & Gentile P.A.'}],
'regulatory_compliance': {'regulatory_notifications': ['California Attorney '
"General's office",
'Maine Attorney '
"General's office"]},
'response': {'communication_strategy': 'Written notice to affected '
'individuals on Dec. 22, 2025'},
'threat_actor': 'CL0P ransomware group',
'title': 'University of Phoenix Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Oracle E-Business Suite software vulnerability'}