OEVP A.I CyberSecurity Scoring
OEVP
Company Information
Website:http://www.evp.upenn.edu/
Employees number:23
Number of followers:851
NAICS:6113
Industry Type:Higher Education
Homepage:upenn.edu
OEVP Risk Score (AI oriented)
Between 550 and 599
OEVPHigher Education
Updated:
04/04/2026
04/04/2026
567/1000
Very Poor
Ca
OEVP Global Score (TPRM)
xxxx
OEVPHigher Education
Score locked

OEVPVery Poor
Current Score
567Ca (VERY POOR)
01000
2 incidents
-106 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
578
JUNE 2026
576
MAY 2026
570
APRIL 2026
570
MARCH 2026
566
FEBRUARY 2026
562
JANUARY 2026
559
DECEMBER 2025
654
Breach
01 Dec 2025 • OEVP
Office of the Executive Vice President: Penn investigating new data breach affecting business software, personal records
Oracle E-Business Suite Cybersecurity Breach at University of Pennsylvania
591
CRITICAL-63
OFF1764706785
Penn is investigating a cybersecurity breach of its Oracle E-Business Suite servers that compromised the personal information of University-affiliated individuals across multiple states.
The breach — identified by the University in November — exploited the business software Penn uses to manage internal operations, according to letters filed with attorneys general in multiple states. Penn is in the process of notifying individuals whose personal information was compromised by the incident, according to a University spokesperson.
“The University of Pennsylvania was one of nearly 100-already identified organizations simultaneously impacted by the widely exploited Oracle E-Business Suite incident, involving a previously unknown security vulnerability in Oracle’s system,” the spokesperson wrote in a statement to The Daily Pennsylvanian.
Penn has implemented “the patches that Oracle issued to resolve the vulnerability” and “has found no evidence that any of this information has been or is likely to be publicly disclosed or misused for fraudulent purposes,” the statement added.
In a Dec. 1 letter notifying impacted individuals, Penn wrote that its investigation — assisted by federal law enforcement and cybersecurity experts — discovered that “some data from Penn’s Oracle EBS had been obtained without authorization.”
It remains unclear how many individuals were affected. According to information filed with the Office of the Maine Attorney General, the breach affected 1,488 state
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2025
654
OCTOBER 2025
652
SEPTEMBER 2025
650
AUGUST 2025
769
Ransomware
01 Aug 2025 • OEVP
Office of the Executive Vice President: University of Pennsylvania Confirms Data Breach Linked to Oracle Hack
University of Pennsylvania Oracle E-Business Suite Data Breach
620
CRITICAL-149
OFF1764700650
The University of Pennsylvania has revealed a data breach stemming from a cyberattack on its Oracle financial systems.
Quick Summary – TLDR:
Hackers exploited a zero-day flaw in Oracle E-Business Suite to access Penn’s internal systems.
Personal data of at least 1,488 individuals was stolen, with the real number possibly much higher.
The Clop ransomware gang is suspected, linking Penn to a wider cyber extortion campaign.
Penn joins other Ivy League schools recently hit by phishing and data theft attacks.
What Happened?
The University of Pennsylvania has confirmed a data breach involving its Oracle E-Business Suite (EBS) after attackers exploited a previously unknown vulnerability to steal sensitive personal information. The incident occurred in August but was officially disclosed in a filing with the Maine Attorney General’s office. The university says the breach is part of a larger cyberattack campaign affecting nearly 100 organizations.
Penn’s Oracle Systems Breached
In the breach notification sent to affected individuals, the university explained that unauthorized access to Penn’s Oracle EBS platform had occurred. A thorough investigation revealed that personal data was stolen, although the specific types of information remain undisclosed. The university has directly notified the 1,488 confirmed impacted individuals, though it admits the actual number could be far greater.
In an official statement, Penn said:
“ We discovered that some data from Penn’s Oracle EBS
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for OEVP ??
What was OEVP's A.I Rankiteo Cyber Score in June 2026 ??
What was OEVP's A.I Rankiteo Cyber Score in May 2026 ??
What was OEVP's A.I Rankiteo Cyber Score in April 2026 ??
What was OEVP's A.I Rankiteo Cyber Score in March 2026 ??
What was OEVP's A.I Rankiteo Cyber Score in February 2026 ??
What was OEVP's A.I Rankiteo Cyber Score in January 2026 ??
What was OEVP's A.I Rankiteo Cyber Score in December 2025 ??
What was OEVP's A.I Rankiteo Cyber Score in November 2025 ??
What was OEVP's A.I Rankiteo Cyber Score in October 2025 ??
What was OEVP's A.I Rankiteo Cyber Score in September 2025 ??
What was OEVP's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on OEVP's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with OEVP ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view OEVP's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?