Industrial giants Schneider Electric and Emerson have been named by cybercriminals as victims of the recent campaign targeting Oracle E-Business Suite (EBS) instances.
Threat actors, likely a cluster of the profit-driven threat group FIN11, have exploited Oracle EBS vulnerabilities to steal data from dozens of organizations, including major companies.
The hackers have started naming alleged victims on the leak website set up for the Cl0p ransomware, and in some cases they have started releasing files that allegedly originate from the targeted companies.
Two of these alleged victims are Schneider Electric and Emerson, neither of which has responded to SecurityWeek’s repeated requests for comment.
The Cl0p leak website contains links to 2.7 TB of archive files storing information allegedly obtained from Emerson and 116 GB of archive files with information allegedly belonging to Schneider Electric.
SecurityWeek’s investigation, limited to a structural analysis of the leaked file tree and associated metadata, indicates that in both cases the data likely originates from an Oracle environment.
Security researcher Dominic Alvieri has independently confirmed that the leaked data was likely obtained as a result of the recent Oracle EBS hack.
SecurityWeek has reached out to several of the companies listed on the Cl0p leak website and none of them has responded, likely due to their ongoing investigations.
However, major organizations such as Harvard University, South Africa’s Wits University, and American Airlines subsidiary Envoy Air have publicly confirmed being impacted.
The threat group behind the recent Oracle EBS hack is also believed to have conducted similar campaigns targeting Cleo, MOVEit, and Fortra file transfer products. Each of these operations targeted many organizations and resulted in large amounts of data being compromised.
While historical evidence suggests the cybercriminals responsible for the Oracle EBS campaign are unlikely to make false claims of compromise, they, and other profit-driven groups, have been observed exaggerating the sensitivity of the exfiltrated data.
If confirmed, this would not be the first time Schneider Electric and Emerson have been targeted by cybercriminals.
Roughly one year ago, the Medusa ransomware group claimed to have stolen nearly 1 TB of data from Emerson and demanded a $100,000 ransom.
Schneider Electric last year confirmed on at least two separate occasions that it had been targeted by cybercriminals.
