3.5 million hit in US college data breach with full names, dates of birth, SSNs, bank info and more exposed — how to see if you’re affected

News
By published

Current and former students as well as staff and suppliers are impacted

An open lock depicting a data breach
(Image credit: Shutterstock)

Just like healthcare organizations, colleges and universities hold a treasure trove of sensitive data on students and staff, making them a prime target for cybercriminals. The University of Phoenix is the latest academic institution to fall victim to a data breach, following a massive cyberattack that began in August of this year.

As reported by BleepingComputer, the private for-profit university has now confirmed that nearly 3.5 million current and former students, staff, and suppliers were impacted. While the university has begun notifying those affected and is taking steps to secure its systems, the scale of the exposed data — which includes Social Security numbers and banking info — is significant.

Here’s everything you need to know about this new data breach including how to see if you’re affected along with the steps you need to take right now to protect your identity.

Exploiting a zero-day for unauthorized access

A hacker typing quickly on a keyboard

(Image credit: Shutterstock)

In a post on its website, the University of Phoenix provided further details on the cyberattack that led to this data breach along with the steps it has taken since to lock down its network.

The university first detected unauthorized access on its systems on November 21 and quickly took steps to investigate. After working alongside third-party cybersecurity firms, the University of Phoenix determined that, like many other organizations, the attackers exploited a zero-day vulnerability in Oracle’s E-Business Suite (EBS) as a means to gain access to its systems.

While its investigation is still ongoing, so far, the exposed data includes:

  • Full names
  • Contact information
  • Dates of birth
  • Social Security numbers
  • Bank account numbers
  • Routing numbers

Although the University of Phoenix hasn’t yet attributed the attack to a specific cybercriminal group, it’s believed the Clop ransomware gang is responsible. It has previously leveraged this zero-day flaw (tracked as CVE-2025-61882) in other attacks to steal data from other U.S. universities including Harvard and UPenn which also use Oracle EBS.

How to stay safe after a data breach

A shocked couple realizing they've been scammed

(Image credit: Shutterstock)

According to a letter filed with the office of Maine’s Attorney General, approximately 3,489,274 individuals are impacted by the University of Phoenix data breach. While the university has informed regulators about the breach, it has also begun sending out data breach notification letters to affected individuals.

If you’re a current or former University of Phoenix student or employee, you’re going to want to keep a close eye on your mailbox. While you may also get an email, typically, data breach notification letters are sent out the old fashioned way. This letter is very important as it will inform you as to what data was exposed and it also has crucial information on what steps to take next.

Fortunately for impacted individuals, the University of Phoenix is offering free access to one of the best identity theft protection services for 12 months. However, in order to take advantage of this offer, you will need to use the redemption code which can be found on the data breach notification letter sent out by the university.

In addition to taking advantage of this offer, there are other steps you should take to protect yourself after this data breach. Given that the Clop ransomware has such a large amount of data on victims, all of this info could be used to launch targeted phishing attacks. As such, you’re going to want to be extra careful when checking your inbox as other cybercriminals could use it to craft detailed phishing emails.

Likewise, since banking info and Social Security numbers were also stolen, there’s a high chance that your identity could be at risk. Signing up for the identity theft protection offered by the University of Phoenix is your best bet to stay safe but if you’re very worried, you may also want to freeze your credit so that no one else can take out loans in your name.

As always, you want to make sure that all of your devices are running the best antivirus software as doing so can help keep you safe from malware and other viruses which could be spread through phishing emails targeting victims.

I’ll update this article if and when we learn more about the University of Phoenix data breach but for now, you’re going to want to keep a close eye on your mailbox as well as your financial accounts for any signs of fraud.

Google News

Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.

More from Tom's Guide

Anthony Spadafora
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.