Dartmouth College Hit by Clop Ransomware Data Breach
▼ Summary
– Dartmouth College disclosed a data breach after the Clop extortion gang leaked data stolen from its Oracle E-Business Suite servers via a zero-day vulnerability.
– The breach impacted at least 1,494 individuals, with stolen data including names, Social Security numbers, and financial account information.
– This incident is part of a larger campaign where Clop exploited the same Oracle flaw to target multiple organizations including Harvard University and The Washington Post.
– The total number of affected individuals is likely higher, as Dartmouth has not yet filed a breach notice with New Hampshire’s Attorney General.
– Ivy League schools have recently faced additional security threats, including voice phishing attacks that compromised personal information at Harvard, Princeton, and the University of Pennsylvania.
Dartmouth College has confirmed a significant data breach after the Clop ransomware group publicly released information they claim to have stolen from the university’s Oracle E-Business Suite infrastructure. The incident highlights the ongoing cybersecurity threats facing major educational institutions.
This private Ivy League university, established in 1769, manages a substantial endowment and serves thousands of students across more than 40 academic departments. According to a breach notification submitted to Maine’s Attorney General, attackers leveraged a zero-day vulnerability in Oracle EBS to access personal data belonging to 1,494 individuals. However, the actual number of people affected could be considerably higher, as the New Hampshire-based institution has not yet filed a notification with its home state.
In letters sent to those impacted, Dartmouth explained that unauthorized access occurred between August 9 and August 12, 2025. Following a detailed review, the college confirmed on October 30, 2025, that compromised files included names and Social Security numbers. An appendix filed with Maine authorities further revealed that financial account details were also among the stolen documents. A Dartmouth spokesperson was unavailable for immediate comment regarding the ransom amount or the full scope of the breach when contacted by media.
This security event is part of a broader extortion campaign where the Clop gang has actively exploited a specific Oracle EBS flaw since early August 2025. Although the total number of compromised organizations remains undisclosed by the threat actors, cybersecurity experts suggest dozens of entities have likely been affected. Other notable targets in the same campaign include Harvard University, The Washington Post, Logitech, GlobalLogic, and Envoy Air, all of whom have had sensitive data leaked online.
In a related trend, several Ivy League schools have recently faced sophisticated voice phishing operations. Harvard, Princeton, and the University of Pennsylvania each reported unauthorized intrusions into internal systems used for development and alumni relations, leading to the theft of personal information belonging to students, alumni, donors, and staff members.
(Source: Bleeping Computer)
