Dartmouth College, located just across the Connecticut River from Vermont in Hanover, New Hampshire, has notified more than 35,000 people that their personal information was stolen in a cyberattack this past summer. The breach affects current and former employees, students, and alumni—including many Vermonters who have worked at, attended, or have other ties to the Ivy League institution.
Here’s what happened, what information was compromised, and what steps affected individuals should take to protect themselves.
What Happened
Between August 9 and August 12, 2025, hackers exploited a previously unknown security flaw—known as a “zero-day vulnerability”—in Oracle E-Business Suite software that Dartmouth uses to manage payroll, human resources, and financial operations. According to the college’s official notification, the attackers gained unauthorized access to the system and downloaded files containing sensitive personal data.
The vulnerability, tracked as CVE-2025-61882, was not publicly known at the time of the attack, meaning Dartmouth had no way to patch the flaw before hackers exploited it. Cybersecurity researchers at CrowdStrike have attributed the attack to a cybercriminal group known as Cl0p, which has targeted numerous organizations worldwide using similar methods.
Who Is Affected
The breach impacts an estimated 35,000 or more individuals, according to The Record. This includes employees, former employees, students, alumni, and others whose information was stor
Source: https://www.compassvermont.com/p/dartmouth-data-breach-what-vermont
Nelson A. Rockefeller Center for Public Policy at Dartmouth cybersecurity rating report: https://www.rankiteo.com/company/rockefeller-center-dartmouth
"id": "ROC1764763001",
"linkid": "rockefeller-center-dartmouth",
"type": "Breach",
"date": "8/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'incident': {'affected_entities': [{'customers_affected': '35,000+',
'industry': 'Higher Education',
'location': 'Hanover, New Hampshire, USA',
'name': 'Dartmouth College',
'size': None,
'type': 'Educational Institution'}],
'attack_vector': 'Zero-day vulnerability exploitation',
'customer_advisories': 'Steps to protect personal information '
'provided to affected individuals',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'Yes',
'file_types_exposed': None,
'number_of_records_exposed': '35,000+',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personal '
'information'},
'date_detected': '2025-08-09',
'description': 'Dartmouth College notified over 35,000 '
'individuals that their personal information was '
'stolen in a cyberattack exploiting a zero-day '
'vulnerability in Oracle E-Business Suite '
'software. The breach affects current and former '
'employees, students, and alumni.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Personal information',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': 'Oracle E-Business Suite '
'(payroll, HR, financial '
'operations)'},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': 'Zero-day vulnerability '
'in Oracle E-Business '
'Suite',
'high_value_targets': None,
'reconnaissance_period': None},
'motivation': 'Cybercriminal',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': 'Exploitation of '
'zero-day '
'vulnerability '
'(CVE-2025-61882)'},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': None,
'source': 'The Record',
'url': None},
{'date_accessed': None,
'source': 'Dartmouth College official '
'notification',
'url': None},
{'date_accessed': None,
'source': 'CrowdStrike',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Official notification to '
'affected individuals',
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': 'CrowdStrike'},
'threat_actor': 'Cl0p',
'title': 'Dartmouth College Data Breach via Zero-Day Exploit in '
'Oracle E-Business Suite',
'type': 'Data Breach',
'vulnerability_exploited': 'CVE-2025-61882'}}