Oracle E-Business Suite
-
University of Phoenix discloses data breach after Oracle E-Business Suite exploit
The University of Phoenix disclosed a data breach after attackers exploited a zero-day flaw in Oracle E-Business Suite, saying personal and financial records for students, staff and suppliers were accessed; the parent company filed an 8-K and affected individuals will be notified by mail.
-
Dartmouth College confirms data breach after Clop posts Oracle EBS data
Dartmouth College said files taken from its Oracle E-Business Suite servers were posted by the Clop extortion group. A Maine filing identified 1,494 individuals whose records included names and Social Security numbers, and an appendix said financial account data was also taken. The college has not yet filed a New Hampshire notice and has not…
-
Harvard discloses Alumni Affairs data breach after voice phishing attack
Harvard said systems used by its Alumni Affairs and Development office were accessed in a phone-based phishing attack discovered on Nov. 18, 2025, exposing contact and fundraising-related information for alumni, donors, students and staff; the university said no Social Security numbers, passwords, payment card or other financial data were in the compromised systems.
-
Logitech discloses data breach tied to zero-day; Cl0p claims responsibility
Logitech disclosed a data breach in which a zero-day in a third-party platform was exploited and certain internal IT data was copied; Cl0p has claimed responsibility and Logitech said it does not expect the incident to materially affect its business.
-
Washington Post breach exposes personal data of nearly 10,000 workers
The Washington Post notified 9,720 employees and contractors that their personal and financial information was exposed after attackers exploited a zero-day in Oracle E-Business Suite; the flaw (CVE-2025-61884) has been linked to the Clop group and other major organisations were also affected.
-
Google and Mandiant: Zero-day in Oracle E-Business Suite likely impacted dozens of organisations
Google Threat Intelligence Group and Mandiant reported that the exploitation of a zero-day in Oracle E-Business Suite likely affected dozens of organisations, using multiple vulnerabilities and post-exploitation tooling linked to Cl0p-styled extortion campaigns; investigators said Oracle has released patches and some investigative details remain unclear.
