Major Breach Exposes Data of 618,000 in Oracle E-Business Suite Incident
In a major cybersecurity incident, the University of Phoenix has confirmed a breach tied to the exploitation of a zero-day vulnerability (CVE-2025-61882) in Oracle's E-Business Suite. Approximately 618,000 records were compromised, exposing sensitive personally identifiable information (PII) of students, staff, and vendors. The breach was identified when exfiltrated data began appearing on an extortion site in November 2025, raising alarms about the adequacy of the institution's security protocols. Oracle has since issued patches for this vulnerability, urging all users to update their systems immediately to mitigate further risk. This incident emphasizes the critical need for vigilant patch management and monitoring of sensitive data access within educational institutions and beyond. Weekly Cybersecurity Intelligence Report.
Also In Security Today
- 700Credit API Vulnerability: A significant data breach at 700Credit has exposed data of over 5.6 million individuals due to a flawed API connection. This incident highlights the risks associated with API security. SWK Cybersecurity News Recap
- BRICKSTORM Malware Campaign: CISA and the NSA have warned about a sophisticated malware campaign from Chinese state-sponsored actors targeting VMware and Windows systems, underscoring the need for heightened defense measures against state-sponsored threats. Global Cyber Threats: December 2025 roundup
- Coupang Data Breach: Coupang, South Korea’s leading e-commerce platform, confirmed a breach affecting nearly 34 million customer records, reportedly facilitated by a former employee. This raises concerns about insider threats. Cybersecurity News December 2025
- French Interior Ministry Attack: A cyberattack disrupted the French Interior Ministry's email servers, leading to enhanced security protocols amidst fears of data theft. Cybersecurity Roundup, December 2025.