Clop, a Russia-linked cybercrime crew, has targeted Dartmouth College, notifying over 1,400 Maine residents whose data was stolen in the breach. The attack, which occurred between August 9 and August 12, exploited a zero-day flaw in Oracle E-Business Suite (EBS) and made off with sensitive information such as names, Social Security Numbers, and financial account details.
The breach is part of Clop’s larger campaign against widely deployed enterprise platforms, including earlier confirmed victims like Hitachi-owned GlobalLogic, Allianz UK, and Cox Enterprises. Clop’s tactics involve exploiting zero-days at an industrial scale and then demanding ransom from victims by stealing data.
Dartmouth College has secured its systems, notified law enforcement, and offered one year of credit monitoring to those affected. The university plans to tighten oversight of its vendors’ security practices in response to the breach.
This incident highlights the ongoing threat of Clop’s Oracle EBS attacks, which have already affected nearly 10,000 employees and contractors worldwide. As a result, organizations running Oracle estates are urged to apply publicly available patches and enhance their security measures to prevent future breaches.
Source: https://www.theregister.com/2025/11/25/clop_dartmouth_college