Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack

Posted on By CWS

The Washington Put up says almost 10,000 people are affected by a knowledge breach stemming from a cyberattack on its Oracle E-Enterprise Suite (EBS) occasion. 

A menace actor related to the usage of the Cl0p ransomware, presumably a cluster of a gaggle tracked as FIN11, focused the Oracle EBS situations of dozens of organizations via the exploitation of zero-day vulnerabilities. 

The assaults got here to mild in early October when the hackers tried to extort victims. Greater than 40 organizations that refused to pay a ransom have been listed thus far on the Cl0p leak web site, together with The Washington Put up.

Over 120 GB of archive recordsdata allegedly storing knowledge stolen from the newspaper have been made public via the Cl0p leak web site. 

In a submitting with the Maine Lawyer Basic’s Workplace, The Washington Put up mentioned the attackers stole the non-public info of 9,720 present and former workers and contractors. 

Compromised knowledge contains names, checking account numbers and routing numbers, Social Safety numbers, and tax ID numbers. 

The media firm mentioned it was contacted by the menace actor on September 29. An investigation confirmed that the hackers accessed knowledge between July 10 and August 22.

The disclosure confirms earlier experiences that exploitation of the Oracle EBS vulnerabilities might have began as early as July, months earlier than the patches have been launched.Commercial. Scroll to proceed studying.

The Washington Put up is among the many few organizations named on the Cl0p web site which have confirmed being impacted by the Oracle EBS marketing campaign. 

Confirmed victims additionally embody Hitachi subsidiary GlobalLogic, Harvard College, and American Airways subsidiary Envoy Air. Different main corporations have but to verify influence, both as a result of their investigations are ongoing or as a result of they’re making an attempt to keep up a low profile.

Associated: NHS Investigating Oracle EBS Hack Claims

Associated: Industrial Giants Schneider Electrical and Emerson Named as Victims of Oracle Hack

Associated: Akira Ransomware Group Made $244 Million in Ransom Proceeds

Security Week News Tags:, , , , ,

Related Posts

UK Sanctions Russian Hackers Tied to Assassination Attempts Security Week News
Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark Forums Security Week News
Thousands of SaaS Apps Could Still Be Susceptible to nOAuth Security Week News
Hundreds of Thousands Affected by Auchan Data Breach Security Week News
In Other News: $900k for XSS Bugs, HybridPetya Malware, Burger King Censors Research Security Week News
Microsoft to Lay Off About 3% of Its Workforce Security Week News