
Washington Post confirms data breach in Oracle hack

Summary

– The Washington Post confirmed it was affected by a hacking campaign targeting Oracle’s E-Business Suite platform.
– The ransomware gang Clop exploited vulnerabilities in Oracle’s software to steal business data and employee records from over 100 companies.
– Clop began extorting companies in late September by claiming to have stolen sensitive data and demanding ransoms, including one for $50 million.
– The gang publicly named The Washington Post as a victim, alleging the company ignored its security, a tactic used when victims don’t pay.
– Other affected organizations include Harvard University and American Airlines subsidiary Envoy, as part of the same Oracle-related hacks.

The Washington Post has confirmed that it was affected by a significant data breach linked to vulnerabilities within Oracle’s widely used corporate software applications. This incident underscores the persistent threat that ransomware groups pose to major organizations relying on third-party platforms for critical operations.

According to initial reports, the newspaper acknowledged its systems were compromised through the Oracle E-Business Suite platform, a collection of applications that businesses utilize for managing human resources, financial records, and other confidential corporate information. A spokesperson for The Washington Post has not yet provided additional comments regarding the situation. When contacted, Oracle’s representative directed inquiries to previously issued advisories without addressing specific questions about the breach.

Last month, Google’s security team identified the ransomware group known as Clop as the perpetrator behind these attacks. The hackers exploited multiple security flaws in Oracle’s E-Business Suite to infiltrate corporate networks. Their campaign reportedly resulted in the theft of sensitive business data and employee records from over one hundred organizations.

The extortion effort began in late September, when executives at various firms started receiving threatening emails. These messages, traced to addresses associated with Clop, claimed the group had successfully exfiltrated substantial volumes of proprietary business documents and personal employee details from compromised Oracle systems. In one instance highlighted by cybersecurity firm Halcyon, hackers demanded a staggering $50 million ransom from an executive at an affected company.

On its dark web site, Clop recently asserted it had breached The Washington Post, accusing the organization of having “ignored their security.” Such public accusations are a common pressure tactic employed by ransomware gangs, often indicating that the victim has either refused to pay or that negotiations have collapsed. Publicly naming victims and threatening to release stolen files is a strategy designed to coerce payments and inflict reputational damage.

Several other prominent entities have also reported impacts from the same Oracle E-Business Suite exploits. Among those confirming they were affected are Harvard University and Envoy, a subsidiary of American Airlines, highlighting the broad reach of this coordinated cyberattack.

(Source: TechCrunch)
