NEWNow you can listen to Fox News articles!
The University of Phoenix has confirmed a massive data breach affecting nearly 3.5 million people. The incident occurred in August when attackers infiltrated the university’s network and quietly stole sensitive information.
The school found a hacker on November 21. That was discovered after the attackers wrote the university in a leaked public area. In early December, the university disclosed the incident, and the parent company filed an 8-K with regulators.
The range is great. Notice letters filed with the Maine Attorney General indicate that 3,489,274 people were affected. Those involved include current and former students, faculty, staff and suppliers.
Sign up for my FREE CyberGuy report
Get my best tech tips, emergency security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join CYBERGUY.COM newspaper.
DATA BREAK EXPOSES 400K BANK CUSTOMER INFORMATION
The University of Phoenix data breach exposed sensitive personal and financial information tied to nearly 3.5 million people. (Kurt “CyberGuy” Knutsson)
What happened and how the attackers got in
According to the university, hackers exploited a zero-day vulnerability in Oracle E-Business Suite. This application handles financial transactions and contains very sensitive data.
Based on the technical details shared so far, security researchers believe that the attack is consistent with the tactics used by the Clop ransomware gang. Clop has a long history of stealing data through zero-day vulnerabilities instead of encrypting systems.
The vulnerability associated with this campaign is tracked as CVE-2025-61882. Investigators say she was being abused since the beginning of August.
What data is disclosed
The university says the attackers obtained sensitive personal and financial information. That includes:
- The words are perfect
- Contact information
- Birthdays
- Social security numbers
- Bank account numbers
- Route numbers
This type of data poses a serious risk. It can fuel identity theft, financial fraud, and targeting phishing scams.
700CREDIT DATA OUTPUT EXCEEDS SSNS FOR 5.8M CUSTOMERS
Stolen University of Phoenix records can be used by criminals to launch phishing and identity theft attacks. (Kurt “CyberGuy” Knutsson)
About 3.5 million people are affected
In letters sent to affected people, the university confirmed that the breach affects 3,489,274 people. If you are a current or former student or employee, watch your email closely.
These notices usually come by post, not email. The letter explains what data is disclosed and includes instructions for security services.
We reached out to the University of Phoenix for comment, and a representative provided CyberGuy with the following statement:
“We recently encountered a cybersecurity incident involving the Oracle E-Business Suite software platform. After discovering the incident on November 21, 2025, we took immediate steps to investigate and respond with the help of leading cybersecurity companies. We are reviewing the affected data and will provide the necessary notifications to each affected person.”
Free copyright protection is now available
The University of Phoenix is providing identity protection services to affected individuals. This includes:
- 12 months of credit monitoring
- Help with identity discovery
- Monitoring the dark web
- $1 million fraud reimbursement policy
To register, you must use the activation code provided in the notification letter. Without that code, you can’t run the service.
This attack fits in with Clop’s big campaign
The University of Phoenix breach is not an isolated case. Clop has used similar tactics in previous campaigns including GoAnywhere MFT, Accellion FTA, MOVEit Transfer, Cleo, and Gladinet CentreStack.
Other universities have also reported incidents related to Oracle EBS. These include Harvard University and the University of Pennsylvania.
The US government is taking notice. The US State Department is now offering a reward of up to $10 million for information linking Cop’s attack to a foreign government.
Why colleges are targeted
Universities store large amounts of personal data. Student records, financial aid files, payment systems, and donor databases all live under one roof.
Like health care organizations, colleges deliver high value targets. A single breach could expose years of data tied to millions of people.
MAKE 2026 YOUR MOST PRIVATE YEAR BY LEGAL DATA DELETE
Affected University of Phoenix students and staff should take immediate action to monitor accounts and protect their identities. (Kurt “CyberGuy” Knutsson)
Steps to stay safe right now
If you believe you may be affected, act quickly. These steps can reduce your risk.
1) View your infringement notification letter
Read it carefully. It explains what data is disclosed and how you can register for security services.
2) Sign up for free identity protection
First, use the redemption code provided. Because social security and banking data are involved, credit monitoring and recovery services are essential. Even if you don’t qualify for free service, an identity theft protection service is still a smart move.
In addition, these services monitor sensitive information such as your social security number, phone number and email address. If your information appears on the dark web or if someone tries to open a new account, you get an immediate warning. As a result, many services help you quickly freeze bank and credit card accounts to limit further fraud.
See my tips and top picks on how to protect yourself from identity theft Cyberguy.com
3) Use a data removal service
Because this breach exposed names, contact information and other identifiers, minimizing what is publicly available about you is important. A data removal service can help remove your personal information from data broker sites, which reduces the risk of phishing or fraud related to stolen University of Phoenix records.
Although no service can guarantee the complete removal of your data from the Internet, a data removal service is definitely a smart choice. They don’t come cheap, and neither does your privacy. These services do all the work for you by actively monitoring and systematically deleting your personal information from hundreds of websites. That’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of fraudsters transferring data from information breaches they may find on the dark web, making it harder for them to identify you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out there on the web by visiting Cyberguy.com
Get a free scan to find out if your personal information is already out there on the web: Cyberguy.com
4) Monitor financial accounts daily
Check your bank statements and credit card service for unusual charges. Report anything suspicious immediately.
5) Consider freezing your credit
A credit freeze can prevent criminals from opening new accounts in your name. It’s free and refundable. To learn more about how to do this, go to Cyberguy.com then search “How to stop your debt.”
6) Be aware of phishing attempts and use strong anti-virus software
Expect lots of scam emails and phone calls. Criminals may refer to violations as justified.
The best way to protect yourself from malicious links that contain malware, which may have access to your private information, is to install strong anti-virus software on all your devices. This protection can alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Find my picks for the best antivirus 2025 winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
7) Protect your devices
Keep your operating systems and applications up to date, as attackers often exploit outdated software to gain access. In addition, enable automatic updates and update app permissions to prevent stolen personal data from being combined with device-level access and causing further damage.
Kurt’s priority is taking
The University of Phoenix data breach highlights a growing problem throughout higher education. When attackers exploit trusted enterprise software, the fallout spreads quickly and widely. While free ownership protection is helpful, long-term monitoring is more important. Staying alert can limit the damage long after the articles disappear.
If universities can’t protect this level of sensitive data, should students demand stricter cybersecurity standards before enrolling? Let us know by writing to us at Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS PROGRAM
Sign up for my FREE CyberGuy report
Get my best tech tips, emergency security alerts, and special deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join CYBERGUY.COM newspaper.
Copyright 2025 CyberGuy.com. All rights reserved.
