University of Phoenix and Penn Disclose Breaches from Oracle Hack

The Oracle E-Business Suite hack is just getting worse and worse.

The University of Pennsylvania and the University of Phoenix have confirmed they are victims of a cybersecurity incident involving the Oracle E-Business Suite software platform. They join Logitech, The Washington Post and Harvard, among others, who have been pwned via this exploit.

Ensar Seker, CISO at threat intelligence company SOCRadar, provided the following comments:

“The inclusion of high‑profile academic institutions like University of Pennsylvania and University of Phoenix in this wave of Oracle EBS breaches underscores just how widespread and indiscriminate the current threat environment is.

“The exploited vulnerability (CVE-2025-61882) allows unauthenticated, remote code execution, meaning attackers only needed network access to deliver the compromise. 

“What’s especially concerning is that EBS is used across a huge set of workflows (supplier payments, HR, general ledger, financials), so the data at risk is often sensitive: personal identifiers, financial data, staff or student records, vendor data, and more. The Penn and Phoenix disclosures suggest this breach impacts not just internal institutional data, but the personal data of many individuals associated with those institutions. This incident serves as a stark reminder that any large ERP or business‑critical system exposed or insufficiently isolated is a prime target in a zero‑day campaign. Organizations, especially universities, healthcare, manufacturing, and any entities with complex supplier/payment workflows, need to treat their ERP systems as first‑class attack surfaces, not peripheral back-office assets.

“Immediate action is essential: patching the vulnerability, auditing EBS access logs for signs of compromise, restricting external exposure of such services, and conducting full threat hunts for unusual data exfiltration activity. Given the scale of this campaign, dozens of victims spanning industries worldwide, defenders must assume that if they run Oracle EBS, they’re potentially in the crosshairs.”

I’ve said it before and I will say it again. The Oracle E-Business Suite hack is going to be the worst hack of the year. Until we enter 2026 and something bigger surpasses it. Because that’s the world that we live in at the moment. Which is a sad place to be.
