University of Phoenix data breach hits 3.5M people

The University of Phoenix has confirmed a major information breach affecting astir 3.5 cardinal people. The incident traces backmost to August erstwhile attackers accessed nan university's web and softly stole delicate information.

The schoolhouse detected nan intrusion connected Nov. 21. That find came aft nan attackers listed nan assemblage connected a nationalist leak site. In early December, nan assemblage disclosed nan incident, and its genitor institution revenge an 8-K pinch regulators.

The scope is large. Notification letters revenge pinch Maine's Attorney General show 3,489,274 individuals are impacted. Those affected see existent and erstwhile students, faculty, unit and suppliers.

Sign up for my FREE CyberGuy Report

Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide — free erstwhile you subordinate my CYBERGUY.COM newsletter.

DATA BREACH EXPOSES 400K BANK CUSTOMERS’ INFO

The University of Phoenix information breach exposed delicate individual and financial accusation tied to astir 3.5 cardinal people. (Kurt "CyberGuy" Knutsson)

What happened and really attackers sewage in

According to nan university, hackers exploited a zero-day vulnerability successful Oracle E-Business Suite. This exertion handles financial operations and contains highly delicate data.

Based connected nan method specifications shared truthful far, information researchers judge nan onslaught aligns pinch strategies utilized by nan Clop ransomware gang. Clop has a agelong way grounds of stealing information done zero-day flaws alternatively than encrypting systems.

The vulnerability tied to this run is tracked arsenic CVE-2025-61882. Investigators opportunity it has been abused since early August.

What information was exposed

The assemblage says nan attackers accessed highly delicate individual and financial information. That includes:

• Full names
• Contact information
• Dates of birth
• Social information numbers
• Bank relationship numbers
• Routing numbers

This type of information creates a superior risk. It tin substance personality theft, financial fraud, and targeted phishing scams.

700CREDIT DATA BREACH EXPOSES SSNS OF 5.8M CONSUMERS

Stolen University of Phoenix records could beryllium utilized by criminals to motorboat targeted phishing and personality theft attacks.  (Kurt "CyberGuy" Knutsson)

Nearly 3.5 cardinal group impacted

In letters sent to affected individuals, nan assemblage confirmed nan breach affects 3,489,274 people. If you are a existent aliases erstwhile student aliases employee, watch your message closely.

These notifications often get by postal mail, not email. The missive explains what information was exposed and includes instructions for protective services.

We reached retired to The University of Phoenix for comment, and a rep provided CyberGuy pinch nan pursuing statement: 

"We precocious knowledgeable a cybersecurity incident involving nan Oracle E-Business Suite package platform. Upon detecting nan incident connected November 21, 2025, we promptly took steps to analyse and respond pinch nan assistance of starring third-party cybersecurity firms. We are reviewing nan impacted information and will supply nan required notifications to affected individuals and regulatory entities."

Free personality protection is now available

The University of Phoenix is offering impacted individuals free personality protection services. These include:

• 12 months of in installments monitoring
• Identity theft betterment assistance
• Dark web monitoring
• A $1 cardinal fraud reimbursement policy

To enroll, you must usage nan redemption codification provided successful nan notification letter. Without that code, you cannot activate nan service.

This onslaught fits a larger Clop campaign

The University of Phoenix breach is not an isolated case. Clop has utilized akin strategies successful past campaigns involving GoAnywhere MFT, Accellion FTA, MOVEit Transfer, Cleo, and Gladinet CentreStack.

Other universities person besides reported Oracle EBS-related incidents. These see Harvard University and nan University of Pennsylvania.

The U.S. authorities is taking notice. The U.S. Department of State is now offering a reward of up to $10 cardinal for accusation linking Clop's attacks to a overseas government.

Why colleges are premier targets

Universities shop monolithic amounts of individual data. Student records, financial assistance files, payroll systems, and philanthropist databases each unrecorded nether 1 roof.

Like healthcare organizations, colleges coming a high-value target. A azygous breach tin expose years of information tied to millions of people.

MAKE 2026 YOUR MOST PRIVATE YEAR YET BY REMOVING BROKER DATA

Affected University of Phoenix students and unit should enactment quickly to show accounts and protect their identities. (Kurt "CyberGuy" Knutsson)

Steps to enactment safe correct now

If you judge you whitethorn beryllium affected, enactment quickly. These steps tin trim your risk.

1) Watch for your breach notification letter

Read it carefully. It explains what information was exposed and really to enroll successful protection services.

2) Enroll successful nan free personality protection

First, usage nan redemption codification provided. Because societal information and banking information are involved, in installments monitoring and betterment services matter. Even if you do not suffice for nan free service, an personality theft protection work is still a smart move.

In addition, these services actively show delicate specifications for illustration your societal information number, telephone number and email address. If your accusation appears connected nan acheronian web aliases if personification tries to unfastened a caller account, you person an alert correct away. As a result, galore services besides thief you quickly frost slope and in installments paper accounts to limit further fraud.

See my tips and champion picks connected really to protect yourself from personality theft astatine Cyberguy.com

3) Use a information removal service

Because this breach exposed names, interaction specifications and different identifiers, reducing what is publically disposable astir you matters. A information removal work tin thief region your individual accusation from information agent sites, which lowers nan consequence of targeted phishing aliases fraud tied to nan stolen University of Phoenix records.

While nary work tin guarantee nan complete removal of your information from nan internet, a information removal work is really a smart choice. They aren't cheap, and neither is your privacy. These services do each nan activity for you by actively monitoring and systematically erasing your individual accusation from hundreds of websites. It's what gives maine bid of mind and has proven to beryllium nan astir effective measurement to erase your individual information from nan internet. By limiting nan accusation available, you trim nan consequence of scammers cross-referencing information from breaches pinch accusation they mightiness find connected nan acheronian web, making it harder for them to target you.

Check retired my apical picks for information removal services and get a free scan to find retired if your individual accusation is already retired connected nan web by visiting Cyberguy.com

Get a free scan to find retired if your individual accusation is already retired connected nan web: Cyberguy.com

4) Monitor financial accounts daily

Check slope statements and in installments paper activity for unfamiliar charges. Report thing suspicious immediately.

5) Consider freezing your credit

A in installments frost tin extremity criminals from opening caller accounts successful your name. It is free and reversible. To study much astir really to do this, spell to Cyberguy.com and hunt "How to frost your credit." 

6) Be alert for phishing attempts and usage beardown antivirus software 

Expect much scam emails and telephone calls. Criminals whitethorn reference nan breach to sound legitimate.

The champion measurement to safeguard yourself from malicious links that instal malware, perchance accessing your backstage information, is to person beardown antivirus package installed connected each your devices. This protection tin besides alert you to phishing emails and ransomware scams, keeping your individual accusation and integer assets safe.

Get my picks for nan champion 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

7) Secure your devices

Keep your operating systems and apps up to date, arsenic attackers often utilization outdated package to summation access. In addition, alteration automatic updates and reappraisal app permissions to forestall stolen individual information from being mixed pinch device-level entree and causing further harm.

Kurt's cardinal takeaways

The University of Phoenix information breach highlights a increasing problem crossed higher education. When attackers utilization trusted endeavor software, nan fallout spreads accelerated and wide. While free personality protection helps, semipermanent vigilance matters most. Staying alert tin limit harm agelong aft nan headlines fade.

If universities cannot protect this level of delicate data, should students request stronger cybersecurity standards earlier enrolling? Let america cognize by penning to america astatine Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report 

Get my champion tech tips, urgent information alerts, and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide — free erstwhile you subordinate my CYBERGUY.COM newsletter. 

Copyright 2025 CyberGuy.com.  All authorities reserved.