Dartmouth College has announced that it was the victim of a data breach after hackers from the Clop extortion gang leaked sensitive information allegedly stolen from the school’s Oracle E-Business Suite servers on the dark web. The attackers exploited an Oracle E-Business Suite zero-day vulnerability to steal personal information belonging to 1,494 individuals.
The college says that it has not yet filed a breach notice with Maine’s Attorney General, but suspects that many more people may have been impacted by the breach. The data leak included files containing individual names and Social Security numbers, as well as financial account information.
Dartmouth is not alone in being targeted by Clop; several other organizations, including Harvard University, Logitech, and American Airlines subsidiary Envoy Air, also had their data leaked online. In total, the Clop ransomware gang has exploited a zero-day flaw to breach dozens of organizations worldwide.
While Clop has yet to disclose the exact number of impacted organizations, Google’s Threat Intelligence Group chief analyst John Hultquist says that dozens of organizations were likely breached in this campaign. The U.S. Department of State now offers a $10 million reward for information tying the gang’s attacks to a foreign government.
This data breach is just one part of a larger trend of targeted hacking and data theft, with several Ivy League schools recently being hit by voice phishing attacks that stole personal information from students, alumni, donors, staff, and faculty members.
Source: https://www.bleepingcomputer.com/news/security/dartmouth-college-confirms-data-breach-after-clop-extortion-attack