Harvard University Data Breach (2025)

"Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle's E-Business Suite servers. "Harvard is aware of reports that data associated with the University has been obtained as a result of a zero-day vulnerability in the Oracle E-Business Suite system. This issue has impacted many Oracle E-Business Suite customers and is not specific to Harvard," a Harvard University Information Technology spokesperson told BleepingComputer. "While the investigation is ongoing, we believe that this incident impacts a limited number of parties associated with a small administrative unit." "Upon receiving it from Oracle, we applied a patch to remediate the vulnerability. We are continuing to monitor and have no evidence of compromise to other University systems." This statement comes after the Clop extortion gang added Harvard to its data leak extortion site, stating that it would soon publicly release the University's data."