Skip to content

Threat Hunting

University of Pennsylvania Oracle E-Business Suite Breach

Date of Incident: August 2025 Overview: In August 2025, the University of Pennsylvania experienced a data breach targeting its Oracle E-Business Suite, attributed to the Clop ransomware group. Attackers exploited a zero-day vulnerability, compromising personal information of 1,488 individuals, with a potential for more. The breach utilized advanced tactics such as SQL injection and remote… Read More »University of Pennsylvania Oracle E-Business Suite Breach

North Korean IT Worker Schemes

Date of Incident: Ongoing (no specific date provided) Overview: In an ongoing insider threat scheme dubbed “North Korean IT Worker Schemes,” involving unidentified IT workers, unauthorized access using legitimate credentials has led to significant data theft and potential malware deployment within the software sector. The breach, targeting customer data, financial records, and intellectual property, also… Read More »North Korean IT Worker Schemes

Dartmouth College Data Breach

Date of Incident: August 9 – August 12, 2025 Overview: Dartmouth College experienced a data breach between August 9 and August 12, 2025, affecting the education sector. The breach potentially exposed personal information, including names, Social Security numbers, and financial data, for at least 1,494 individuals. The incident reportedly involved the Clop ransomware group exploiting… Read More »Dartmouth College Data Breach

Harvard University Alumni Affairs and Development Systems Data Breach

Date of Incident: November 18, 2025 Overview: The Harvard University Alumni Affairs and Development systems experienced a data breach on November 18, 2025, which exposed personal information of students, alumni, donors, staff, and faculty, including contact details and event records. While sensitive financial and security details remained secure, attackers gained unauthorized access using phishing techniques… Read More »Harvard University Alumni Affairs and Development Systems Data Breach

Iberia Customer Data Leak

Date of Incident: 2024-04 Overview: The Iberia Customer Data Leak, reported on November 23, 2025, involved unauthorized access to a third-party vendor’s system supporting Iberia in April 2024. This breach exposed customer names, email addresses, and loyalty card IDs but did not compromise login credentials, passwords, or payment card information. The attack leveraged vulnerabilities and… Read More »Iberia Customer Data Leak

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.