Campus Alert Archive
ORU

Three Days of Unauthorized System Access at Oral Roberts University Exposes Student and Staff Social Security Numbers

OKcyber attackadvisorymedium confidence
Under Investigation

Between December 15 and December 17, 2024, Oral Roberts University in Tulsa, Oklahoma experienced unauthorized access to its systems during which personal data including names and Social Security numbers was exfiltrated. The university notified affected individuals by mail on February 19, 2025, approximately two months after discovery, and offered two years of complimentary credit monitoring through Experian IdentityWorks.

Alerts
1
Response
Killed
Injured
Institution
Oral Roberts University
Private Liberal Arts · OK
ORU Emergency Notification
Confirmed Timeline

Alert Sequence

1 message in sequence

Some alert texts below are approximate reconstructions from news coverage, not confirmed verbatim transcripts. Reconstructed texts are shown in italic with a dashed border. Verified verbatim texts have a solid border and are marked accordingly.

FOLLOW-UPmail
Approximate reconstruction617 chars
Dear [Name], We are writing to notify you of a data security incident that may have involved your personal information. On or about December 15-17, 2024, we discovered unauthorized access to certain Oral Roberts University systems, during which data was taken. Our investigation determined that the following information was accessed: your name and Social Security number. We immediately took steps to secure our systems and launched a thorough investigation. We are providing you with 24 months of complimentary credit monitoring through Experian IdentityWorks. We sincerely apologize for any concern this may cause.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

Notification was sent by mail rather than electronically, a standard practice for data breach notifications under state breach notification laws; the two-month gap between discovery and notification was at the longer end of typical timelines.
The breach was classified as a 'data security incident' rather than ransomware; ORU confirmed data was 'taken' over a three-day window, consistent with a data exfiltration attack.
Context

Background

Oral Roberts University, the charismatic Christian university founded by televangelist Oral Roberts in Tulsa, Oklahoma in 1963, experienced a data breach between December 15 and 17, 2024. Attackers gained unauthorized access to ORU's systems and exfiltrated personal data including names and Social Security numbers of students, employees, and possibly alumni. The university secured its network and launched an investigation, but did not notify affected individuals until February 19, 2025 -- approximately two months later -- in written mail notifications. ORU offered 24 months of complimentary credit monitoring through Experian IdentityWorks to affected individuals. Multiple law firms launched class action investigations on behalf of those impacted. In response, ORU installed additional firewalls, security applications, and stronger password policies. The incident illustrates the growing vulnerability of faith-based universities to data exfiltration attacks targeting enrollment and HR systems containing Social Security numbers.
Outcome
Unauthorized access to names and Social Security numbers. ORU implemented additional firewalls, security applications, and password protocols. Multiple law firms launched data breach investigations.
Provenance

Sources

  1. legal filing
    Oral Roberts University Data Breach Lawsuit Investigation - ClassAction.org
    classaction.org
  2. legal filing
    Federman & Sherwood Investigates Oral Roberts University for Data Breach - GlobeNewswire
    globenewswire.com
  3. News
    Oral Roberts University Data Breach Exposes Social Security Numbers - ClaimDepot
    claimdepot.com
Tags
cyber-attackdata-breachsocial-security-numberscharismatic-universitytulsaoklahomachristian-universitypersonal-dataexperianclass-actionUnder Investigation
Added May 2026Updated May 2026Via ingestion