A shadowy group of hackers is shaking up the business world. They have Oracle, a major technology company, in their sights. These criminals claim to have taken valuable data from Oracle’s widely used E-Business Suite. Now, they are demanding huge sums of money, with some ransoms reaching $50 million. Oracle has confirmed it is looking into these attacks on its customer applications.
This isn’t just a small breach. The group, known as Cl0p, is targeting executives at large companies. They say they have stolen sensitive information from Oracle’s E-Business Suite. This software is vital for thousands of global corporations. Banks, retail chains, and manufacturers all rely on it for key operations. The stolen data could lead to massive leaks if companies don’t pay up. This comes from reports by outlets like Bloomberg.
Oracle, founded in 1977 and based in Austin, Texas, is a global leader. It provides essential software for businesses. Its E-Business Suite package is especially popular. It handles accounting, logistics, and customer management. Many older, established organizations use this suite. They might not always update their systems quickly.
🔒🚨 Hackers demand up to USD $50 million from Oracle for sensitive data theft
The Cl0p group has compromised Oracle’s E-Business Suite applications.
It is suspected that they exploited known vulnerabilities in the system and affected large corporations.
The company… pic.twitter.com/8cUlscJSE5
— Diario฿itcoin (@Blaze Trends)
Hackers Demand Millions
The trouble started bubbling up in late September. It mostly hit customers who use E-Business Suite web portals. The hackers first got in by compromising user email accounts. They then misused the standard password reset feature. This gave them valid login details to sneak into the systems. Once inside, they grabbed sensitive data. This included financial and operational details. Then, they launched a huge extortion campaign. They sent emails from hundreds of hacked third-party accounts.
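Defenders can look for the sequence described above: a completed password reset followed shortly by a login from an address the account has never used. The sketch below is an added example, not part of the original report; the event names, log layout and sample lines are constructed for illustration and do not reflect Oracle E-Business Suite's actual log format.

```python
from datetime import datetime, timedelta

# Constructed sample events (hypothetical layout): time, user, event, source IP.
SAMPLE_EVENTS = """\
2025-09-20T08:01:10 asmith login_success 198.51.100.10
2025-09-22T08:03:42 asmith login_success 198.51.100.10
2025-09-24T02:14:05 asmith password_reset_request 203.0.113.77
2025-09-24T02:16:31 asmith password_reset_complete 203.0.113.77
2025-09-24T02:17:02 asmith login_success 203.0.113.77
2025-09-23T09:00:00 bjones login_success 198.51.100.25
2025-09-25T09:12:00 bjones password_reset_complete 198.51.100.25
2025-09-25T09:13:00 bjones login_success 198.51.100.25
2025-09-21T10:00:00 dlee login_success 198.51.100.40
2025-09-26T18:45:00 dlee login_success 203.0.113.5
"""

def parse(log_text):
    """Yield (timestamp, user, event, ip) tuples from whitespace-separated lines."""
    for line in log_text.strip().splitlines():
        ts, user, event, ip = line.split()
        yield datetime.fromisoformat(ts), user, event, ip

def find_reset_takeovers(log_text, window=timedelta(minutes=30)):
    """Flag logins from an IP new to the account within `window` of a completed reset.

    Accounts with no earlier login history are skipped, since every address
    would look new for them.
    """
    known_ips = {}   # user -> IPs seen on earlier successful logins
    last_reset = {}  # user -> time of the most recent completed reset
    findings = []
    for ts, user, event, ip in sorted(parse(log_text)):
        if event == "password_reset_complete":
            last_reset[user] = ts
        elif event == "login_success":
            seen = known_ips.setdefault(user, set())
            reset = last_reset.get(user)
            if seen and ip not in seen and reset and ts - reset <= window:
                findings.append((user, ip, reset.isoformat(), ts.isoformat()))
            seen.add(ip)
    return findings

if __name__ == "__main__":
    for finding in find_reset_takeovers(SAMPLE_EVENTS):
        print("review:", finding)
```

In the sample data only `asmith` is flagged: `bjones` resets and logs in from a familiar address, and `dlee` logs in from a new address with no reset beforehand.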
The group claims to be linked to Cl0p. This group is known for its quiet, large-scale data thefts. It’s thought to be Russian in origin. They sent messages showing proof of the breach. These included screenshots and lists of files. They are asking for massive amounts of money. Cybersecurity firm Halcyon reported one demand for $50 million. Halcyon calls Cl0p “notorious for massive data thefts that increase their bargaining power in extortions.”
These emails began on September 29. They are full of grammatical errors in English, a trademark of this group. Executives at a dozen or more major organizations have received them. The names of these victims are still under wraps.
Oracle’s E-Business Suite Under Fire
Oracle officially confirmed its investigation last Thursday. It told its employees that known flaws in E-Business Suite were being exploited. The company had released security patches for these issues back in July. This was also reported by Bloomberg.
“The company found out about known vulnerabilities in its product being used,” two sources close to the case told the newspaper. “It had offered updates for these in July.” An Oracle spokesperson did not immediately respond to requests for further comment. However, the company has urged its customers to apply any pending updates to help lower the risks.
This isn’t Cl0p’s first attack. In 2023, they exploited a flaw in MOVEit Transfer software. This affected hundreds of organizations, including Shell, British Airways, and the BBC. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued warnings about their methods. CISA suggested inventorying assets, monitoring ports, and applying updates immediately.
Experts warn this event could hit affected companies hard. It’s not just about potential financial losses. There’s also the risk of legal penalties. Regulations like Europe’s GDPR or HIPAA for health data could apply. It’s unclear if any victims have given in to the demands yet. But this campaign highlights how urgent it is for businesses to have strong “cyber hygiene.” As Oracle speeds up its response, the business world is watching. This could become one of 2025’s biggest data breaches.
