University of Phoenix Data Breach Hits South Carolina: Over 64,000 Residents Affected
A significant cybersecurity incident involving the University of Phoenix has compromised the personal information of 64,161 South Carolina residents. The breach, which stems from a vulnerability in the university’s software systems, has exposed sensitive data including names and Social Security numbers.
Nationally, the breach has reportedly affected approximately 3.5 million individuals, including current and former students, faculty, employees, and suppliers.
What Happened?
The University of Phoenix discovered the incident on November 21, 2025. Following an investigation with third-party cybersecurity firms, the university determined that an unauthorized third party exploited a previously unknown vulnerability in the Oracle E-Business Suite (Oracle EBS).
The unauthorized access occurred earlier in the year, between August 13 and August 22, 2025. During this ten-day window, the attackers were able to exfiltrate data from the university’s systems before the vulnerability was detected.
Impact on South Carolinians
While the university has begun mailing notification letters to affected individuals, the scope of the breach is substantial in the Palmetto State, affecting over 64,000 residents. The compromised information potentially includes:
- Full Names
- Social Security Numbers
- Other Personal Identifiers potentially associated with university records.
The university noted that individuals might be affected even if they do not recall a direct recent relationship with the institution, as the data could belong to former applicants, suppliers, or long-past students.
University Response and Consumer Safety
In response to the breach, the University of Phoenix has notified law enforcement and implemented measures to enhance security to prevent future incidents.
To support those affected, the university is offering complimentary identity protection services through IDX. These services include:
- Credit and Dark Web Monitoring
- $1 Million Identity Fraud Loss Reimbursement Policy
- Fully Managed Identity Theft Recovery Services
The deadline to enroll in these complimentary services is March 22, 2026.
Steps to Protect Your Data
Residents who receive a notification letter or believe they may be affected are urged to take immediate protective steps:
- Enroll in Protection Services: Visit https://response.idx.us/uphoenix/ or call 1-833-353-7866 to enroll using the code provided in the letter.
- Monitor Accounts: Vigilantly review account statements and credit reports for suspicious activity.
- Consider a Security Freeze: Residents have the right to place a security freeze on their credit files at no cost, which prevents new credit from being opened in their name without a PIN.
- Place a Fraud Alert: A free initial fraud alert can be placed on credit reports, requiring creditors to contact you before establishing new accounts.
For further assistance, affected individuals can contact the dedicated call center at 1-833-353-7866, Monday through Friday from 7:00 a.m. to 7:00 p.m. Mountain Time.
Newsletter
Stay Informed with the WRHI/CN2 Weekly Newsletter.
Get all the top stories delivered straight to your inbox every Sunday morning—just like the classic Sunday paper. Grab your coffee and catch up on everything you missed this week. Sign up today!
