Overview
- Harvard says the suspected incident appears limited to a small administrative unit, has applied Oracle’s fix, and reports no evidence of compromise to other University systems.
- Clop added Harvard to its leak site and told BleepingComputer it used a new Oracle flaw in data‑theft attacks, following mass extortion emails sent to Oracle E‑Business Suite customers.
- Oracle acknowledged the zero‑day tracked as CVE-2025-61882 and issued an emergency update after initially stating related flaws had been addressed in July.
- Google Threat Intelligence Group and Mandiant assessed that the campaign likely began in July, targeted over 100 companies, and resulted in confirmed data exfiltration for some victims.
- SecurityAffairs reported Clop’s claim that 1.3 TB of Harvard data was leaked, a statement not corroborated by the University’s ongoing investigation.