Key Takeaways
- Over 100 companies likely hit by Oracle-linked hacking campaign
- CL0P ransomware group suspected behind massive data theft
- Attack may have started three months ago, targeting Oracle’s E-Business Suite
- Google working with affected organizations to assess damage
Google has revealed that more than 100 companies were likely impacted by a widespread hacking campaign targeting Oracle’s business software products. The tech giant’s initial assessment links the attack to the CL0P ransomware group and suggests it began approximately three months ago, resulting in substantial customer data theft.
Details of the Security Breach
According to Google’s analysis cited by Reuters, the operation involved “mass amounts of customer data” stolen through Oracle’s E-Business Suite. This platform is widely used by enterprises to manage customers, suppliers, logistics, and other critical business operations.
Google stated that the attackers likely invested significant resources into pre-attack research before successfully breaching systems. The company’s cybersecurity division noted that CL0P has a history of exploiting vulnerabilities in third-party software and service providers.
Google analyst Austin Larsen emphasized the scale of the incident: “We are aware of dozens of victims, but we expect there are many more. Based on the scale of previous CL0P campaigns, it is likely there are over a hundred.”
Response from Oracle and CL0P Group
Oracle did not immediately respond to Reuters’ request for comment, though the company had previously confirmed that extortion activity was directed at its clients. The CL0P hacker group also remained silent but had earlier claimed Oracle had “bugged up their core product.”
Broader Implications
This attack highlights growing cybersecurity risks facing enterprise software providers and their customers globally. Google is currently working with affected organizations to assess the full scale of the breach and help secure compromised systems.
Given Oracle’s significant role in handling sensitive business and operational data for companies worldwide, this security incident could have far-reaching consequences for international business operations and data protection standards.
