Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle's E-Business Suite servers.
"Harvard is aware of reports that data associated with the University has been obtained as a result of a zero-day vulnerability in the Oracle E-Business Suite system. This issue has impacted many Oracle E-Business Suite customers and is not specific to Harvard," a Harvard University Information Technology spokesperson told BleepingComputer.
"While the investigation is ongoing, we believe that this incident impacts a limited number of parties associated with a small administrative unit."
"Upon receiving it from Oracle, we applied a patch to remediate the vulnerability. We are continuing to monitor and have no evidence of compromise to other University systems."
This statement comes after the Clop extortion gang added Harvard to its data leak extortion site, stating that it would soon publicly release the University's data.
Harvard on Clop's data leak site:
BleepingComputer
Earlier this month, Mandiant and Google began tracking a new extortion campaign where numerous companies began receiving emails stating sensitive data was stolen from their Oracle E-Business Suite systems.
These emails came from the Clop ransomware operation, which warned that the stolen data would be leaked if a ransom demand was not paid.
Clop extortion email sent to Oracle customers
... continue reading