Greater than 35,000 folks throughout a number of states had info stolen by hackers who attacked Dartmouth School throughout a marketing campaign in opposition to a preferred line of software program from Oracle.
The Ivy League school didn’t reply to requests for remark however filed notices with regulators in Maine, California, Texas and New Hampshire. The varsity stated it lately accomplished an investigation into an incident involving Oracle E-Enterprise Suite (EBS) software program, which was focused by a Russian cybercriminal operation this summer time.
Dartmouth officers stated they use EBS to handle operations and notified legislation enforcement once they realized they had been impacted by the hacking marketing campaign in opposition to it.
“By means of the investigation, Dartmouth decided that an unauthorized actor took sure recordsdata between August 9, 2025 and August 12, 2025,” the college stated in letters to regulators in New Hampshire, the place greater than 31,000 victims are based mostly.
A number of the leaked info consists of Social Safety numbers, monetary account knowledge and names. Victims are being given one yr of entry to credit score monitoring providers.
They famous they’ve put in the patch issued by Oracle to cope with the zero-day vulnerability that impacted EBS software program.
Dartmouth didn’t reply to requests for remark about how many individuals in complete had been impacted by the marketing campaign. Along with the 31,000 folks in New Hampshire, 1,494 victims stay in Maine and 1,956 are in Texas.
The Clop cybercriminal gang has spent weeks leaking knowledge stolen from victims via EBS, with a number of distinguished organizations confirming the legitimacy of the knowledge.
Over the past week, Cox Enterprises confirmed it was affected by the marketing campaign and a spokesperson for Japanese tech producer Canon confirmed to Recorded Future Information {that a} subsidiary of its company arm within the U.S. had info stolen.
To date, regional airline Envoy Air, the Washington Put up and Harvard College have confirmed that info was stolen from their programs via the Oracle vulnerability.
Final Friday, the Cybersecurity and Infrastructure Safety Company (CISA) stated a brand new vulnerability impacting Oracle software program is being exploited by hackers.
Dartmouth turned the most recent college to substantiate a breach this week after Harvard College warned on Saturday of a separate incident the place officers found hackers accessed IT programs utilized by its Alumni Affairs and Growth workplace via a “phone-based phishing assault.”
The college stated the hackers accessed knowledge about alumni, their spouses or companions, donors to Harvard, dad and mom of present and former college students, in addition to some present college students, school and employees.
The data accessed consists of e-mail addresses, cellphone numbers, residence addresses, particulars on donations and biographical info on alumni.
The varsity added that the programs did “not usually include Social Safety numbers, passwords, fee card info, or monetary account numbers.”
Along with Dartmouth and Harvard, a number of different Ivy League faculties have reported cybersecurity incidents this yr, together with Columbia College and the College of Pennsylvania.
Recorded Future
Intelligence Cloud.
Be taught extra.
