Here’s your weekly #databreach news roundup:
WIRED, University of Phoenix, Baker University, and Nissan.
WIRED
@XposedOrNot += WIRED Data Breach
— XposedOrNot (@XposedOrNot) December 28, 2025
The WIRED #databreach in December 2025 allegedly involved data believed to be sourced from the parent company, Condé Nast, being published online. The incident exposed 2.3 million user records, including email addresses and display names, full… pic.twitter.com/3Gt5g7P33X
The WIRED hashtagdatabreach in December 2025 allegedly involved data believed to be sourced from parent company Condé Nast being published online. The incident exposed 2.3M user records, with the most recent data dating back to September 2025. Exposed information included email addresses and display names, as well as full names, phone numbers, dates of birth, genders, and geographic locations or full physical addresses for a smaller subset of users. The leaked WIRED data is reported to represent a subset of a larger Condé Nast dataset claimed by the threat actor.
Exposed data: Email addresses, Display names, Full names (subset), Phone numbers (subset), Dates of birth (subset), Genders (subset), Geographic locations, Physical addresses (subset)
Read more at: https://xposedornot.com/breach#WIRED
University of Phoenix
University of Phoenix says a cyberattack exposed personal and financial data of nearly 3.5 million students, staff, and suppliers. The #databreach was linked to the Clop ransomware group, which exploited a software flaw.https://t.co/UOv0ZKCqFP
— DevaOnBreaches (@DevaOnBreaches) December 24, 2025
The Clop ransomware group broke into the University of Phoenix’s network in August and stole personal and financial data from about 3.5 million people, including current and former students, staff, and suppliers. The university found the breach in November and confirmed it publicly in December, saying the attackers used a previously unknown flaw in an Oracle financial system to access information like names, contact details, dates of birth, Social Security numbers, and bank details. The university has notified those affected and is offering free identity protection services, such as credit monitoring and fraud reimbursement. This attack appears to be part of a wider Clop campaign that has also hit other major U.S. universities and organizations.
Baker University
Baker University says a cyberattack exposed personal, health, and financial data of about 53,600 people. Attackers accessed its network in December 2024 and stole sensitive records. #databreach https://t.co/dTNe3JQa8U
— DevaOnBreaches (@DevaOnBreaches) December 24, 2025
Baker University has revealed that hackers broke into its network about a year ago and stole sensitive personal, health, and financial information belonging to more than 53,000 people. The university discovered the issue after a system outage in December 2024 and later found that attackers had access for several weeks, taking documents containing details such as names, dates of birth, Social Security numbers, financial and medical information, and other IDs. While there is no evidence so far that the stolen data has been misused, Baker University is offering free credit monitoring and advising affected individuals to watch their accounts closely, as the school continues to investigate the incident and strengthen its systems.
Nissan
Nissan says about 21,000 customers in Fukuoka had personal data exposed after a September #databreach at Red Hat. Leaked details include names, addresses, phone numbers, and emails.https://t.co/gZcM0I1FFj
— DevaOnBreaches (@DevaOnBreaches) December 24, 2025
Nissan has confirmed that customer information was exposed after a data breach at Red Hat, a U.S. software company it uses to manage customer systems. The incident affected about 21,000 customers in Fukuoka, Japan, whose details such as names, addresses, phone numbers, email addresses, and sales-related information were leaked, though no credit card or financial data was involved. Nissan said the breach happened at Red Hat’s servers, there is no sign the data has been misused, and no other Nissan customer data was affected. This comes amid a series of recent cyber incidents involving Nissan and other large organizations.
