Topic: extortion campaign
-
Dozens of organizations hit in Oracle-linked data breach
A major data breach affecting multiple organizations has been linked to security vulnerabilities in Oracle's E-Business Suite, exploited by the Russia-linked Clop ransomware gang to steal sensitive corporate data. Oracle confirmed that hackers are using a zero-day vulnerability, which can be expl...
Read More » -
Clop Ransomware Group Claims Oracle Data Theft in New Extortion Emails
A sophisticated extortion campaign is targeting corporate executives with emails alleging data theft from Oracle E-Business Suite systems, tracked by security firms Mandiant and Google. Attackers, potentially linked to the Clop ransomware group and historically connected to FIN11, demand payment ...
Read More » -
Oracle Ties Clop Ransomware to Critical July 2025 Flaws
Oracle has linked extortion emails from the Clop ransomware group to critical vulnerabilities in its E-Business Suite, which were patched in July 2025, urging customers to apply updates immediately. The attackers claim to have stolen sensitive data from Oracle systems and are threatening to relea...
Read More » -
Salesforce Customers Hit by Hackers in Data Extortion Attack
A new hacking collective called Scattered LAPSUS$ Hunters is extorting Salesforce and its customers by stealing and threatening to release approximately one billion records from major organizations using the platform. The group, composed of members from Lapsus$, Scattered Spider, and ShinyHunters...
Read More » -
Clop Ransomware Strikes Gladinet CentreStack, Steals Data
The Clop ransomware gang is actively targeting businesses using Gladinet CentreStack file-sharing servers by exploiting an unidentified vulnerability to steal sensitive data. Security researchers have identified at least 200 potentially vulnerable servers, and the Clop group has a history of succ...
Read More » -
Envoy Air Hit by Oracle Data Breach, American Airlines Confirms
The Clop ransomware gang breached Envoy Air's Oracle E-Business Suite, claiming responsibility and accusing the company of neglecting security, though Envoy confirmed no sensitive customer data was accessed. This attack is part of a broader campaign by Clop exploiting zero-day vulnerabilities in ...
Read More » -
Dartmouth College Hit by Clop Ransomware Data Breach
Dartmouth College experienced a data breach by the Clop ransomware group, which exploited a zero-day vulnerability in Oracle E-Business Suite to steal personal data, including names and Social Security numbers. The breach affected at least 1,494 individuals, with financial account details also co...
Read More » -
GlobalLogic Alerts 10,000 Staff to Data Theft After Oracle Hack
GlobalLogic notified over 10,000 current and former employees of a data breach after attackers exploited a zero-day vulnerability in Oracle's E-Business Suite, compromising sensitive HR data. The breach, attributed to the Clop ransomware group, involved the theft of extensive personal and financi...
Read More » -
Harvard Probes Data Breach from Oracle Zero-Day Flaw
Harvard University is investigating a potential data breach after the Clop ransomware group listed it on its leak portal, likely due to a zero-day vulnerability in Oracle's E-Business Suite servers. The university confirmed the issue is widespread among Oracle clients, applied the security patch ...
Read More » -
University of Pennsylvania Discloses New Data Breach Following Oracle Hack
The University of Pennsylvania suffered a data breach after attackers exploited a zero-day flaw in Oracle's financial software, compromising personal information and linking the incident to the Clop ransomware gang's extortion campaign. While the university officially notified 1,488 affected indi...
Read More » -
University of Phoenix Data Breach Exposes 3.5 Million
A data breach at the University of Phoenix compromised the sensitive personal and financial information of approximately 3.5 million individuals, including students, employees, and suppliers. The attack was executed by the Clop ransomware gang, which exploited a zero-day vulnerability in the univ...
Read More » -
Oracle Fixes Zero-Day Exploited in Clop Ransomware Attacks
Oracle has issued an urgent alert for a critical zero-day vulnerability (CVE-2025-61882) in its E-Business Suite, allowing unauthenticated remote code execution and actively exploited by the Clop ransomware group for data theft. The vulnerability affects versions 12.2.3 to 12.2.14, with Oracle re...
Read More »