University of Phoenix Data Breach – Investigated by Federman & Sherwood
Oklahoma City, Oklahoma (December 22, 2025) – Federman & Sherwood announces that it is investigating a data security incident involving University of Phoenix, which was reported to the Attorney General of Maine.
According to the filing, the University of Phoenix learned on November 21, 2025, that a previously unknown vulnerability in Oracle E-Business Suite software may have been exploited by an unauthorized third party. The university determined that data was exfiltrated from its Oracle E-Business Suite environment between August 13 and August 22, 2025.
The notification states that the incident involved the personal information of approximately 9,131 Maine residents. The information potentially affected includes names, dates of birth, Social Security numbers, and bank account and routing numbers without access credentials.
The University of Phoenix reported that it worked with third-party cybersecurity experts, notified law enforcement including the FBI, and began notifying affected individuals by U.S. mail. Impacted individuals were also offered complimentary identity protection services, including credit monitoring and identity theft recovery services.
Federman & Sherwood is investigating the circumstances surrounding this incident, including whether adequate security measures were in place to safeguard sensitive personal information and whether affected individuals may have legal claims arising from the breach.
The compromised information may have included:
- Full name
- Social Security number
- Date of birth
- Financial information
- Other sensitive information
What is University of Phoenix?
The University of Phoenix (UOPX) is a private, for-profit online university founded in 1976.
Individuals who received a notification from the University of Phoenix or believe their information may have been compromised are encouraged to contact Federman & Sherwood at 1-800-237-1277 or email info@federmanlaw.com for more information.