Harvard University Hit by Oracle Zero-Day Attack from Clop Ransomware Gang

Harvard breached via Oracle vulnerability exploited by Clop ransomware, affecting limited units. Patch applied, no further compromise found.

By Content Team

Oct 16, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Harvard University confirmed it was breached through a critical zero-day vulnerability in Oracle's E-Business Suite system. The flaw, tracked as CVE-2025-61882, allows attackers to remotely access systems without authentication. The notorious Clop ransomware gang exploited this vulnerability, adding Harvard to their dark web leak site and claiming to have stolen university data.

The attack is part of a broader campaign that began on September 29, though evidence suggests Clop may have been exploiting this vulnerability as early as August 9 - weeks before Oracle released a patch. Harvard says the breach impacted "a limited number of parties associated with a small administrative unit" and they've found no evidence of further system compromise after applying Oracle's patch.

Source: Dark Reading

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Salesforce Customers Hit by Third Major Attack Wave in Six Months

Mar 11, 2026

Nearly 1 Million User Records Compromised in Figure Data Breach

Feb 19, 2026

CISA Warns Federal Agencies of Actively Exploited Zimbra Email Vulnerability

Jan 25, 2026

US Investigates Claims Meta Can Read Encrypted WhatsApp Messages

Feb 1, 2026