A student walks on the campus of Dartmouth College in Hanover, New Hampshire, on March 5, 2024. Photo by Robert F. Bukaty/AP
This story by Clare Shanahan was first published in the Valley News on Dec. 1, 2025.
HANOVER — More than 40,000 people in Vermont and New Hampshire may have been impacted by a data breach in a system used by Dartmouth College. Last week, Dartmouth started mailing letters to the people whose personal information was included in data stolen over three days in early August.
During that time, an “unauthorized actor” was able to access Dartmouth College files and take data, including “one or more” files that had personal information such as names, Social Security numbers and financial account information, according to reports Dartmouth filed with the offices of the attorneys general of New Hampshire and Vermont last week.
The breach was part of a widespread attack on the Oracle eBusiness Suite, a platform Dartmouth and many other companies use to manage operations. A ransomware group has been taking credit for the attack and it has identified more than 100 companies impacted by the breach, according to reporting from SecurityWeek.
“This incident was not the result of any ‘phishing’ attack on a member of the Dartmouth community or any other action or inaction on Dartmouth’s part,” college spokesperson Jana Barnello said.
After Oracle reported the security breach in early October, Dartmouth launched an investigation “as quickly as possible” to identify t
TPRM report: https://www.rankiteo.com/company/rockefeller-center-dartmouth
"id": "roc1764779809",
"linkid": "rockefeller-center-dartmouth",
"type": "Ransomware",
"date": "2025-12-02T00:00:00.000Z",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'incident': {'affected_entities': [{'customers_affected': '40,000+',
'industry': 'Higher Education',
'location': 'Hanover, New Hampshire, USA',
'name': 'Dartmouth College',
'size': None,
'type': 'Educational Institution'}],
'attack_vector': 'Exploitation of Oracle eBusiness Suite '
'vulnerability',
'customer_advisories': 'Letters mailed to affected individuals',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'Yes',
'file_types_exposed': None,
'number_of_records_exposed': '40,000+',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security '
'numbers',
'Financial account '
'information']},
'date_detected': '2025-10-01',
'date_publicly_disclosed': '2025-12-01',
'description': 'An unauthorized actor accessed Dartmouth College '
'files and stole data containing personal '
'information, including names, Social Security '
'numbers, and financial account information. The '
'breach impacted over 40,000 people in Vermont '
'and New Hampshire and was part of a widespread '
'attack on the Oracle eBusiness Suite platform.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Personal information (names, '
'Social Security numbers, '
'financial account information)',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': 'High',
'revenue_loss': None,
'systems_affected': 'Oracle eBusiness Suite'},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': 'Yes',
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': '2025-12-01',
'source': 'Valley News',
'url': None},
{'date_accessed': None,
'source': 'SecurityWeek',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': ['Filed '
'reports '
'with New '
'Hampshire '
'and '
'Vermont '
'Attorneys '
'General']},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Mailing letters to '
'affected individuals',
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'threat_actor': 'Ransomware group',
'title': 'Dartmouth College Oracle eBusiness Suite Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Oracle eBusiness Suite security '
'flaw'}}