Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack

Posted on By CWS

The Washington Put up says almost 10,000 people are affected by a knowledge breach stemming from a cyberattack on its Oracle E-Enterprise Suite (EBS) occasion. 

A menace actor related to the usage of the Cl0p ransomware, presumably a cluster of a gaggle tracked as FIN11, focused the Oracle EBS situations of dozens of organizations via the exploitation of zero-day vulnerabilities. 

The assaults got here to mild in early October when the hackers tried to extort victims. Greater than 40 organizations that refused to pay a ransom have been listed thus far on the Cl0p leak web site, together with The Washington Put up.

Over 120 GB of archive recordsdata allegedly storing knowledge stolen from the newspaper have been made public via the Cl0p leak web site. 

In a submitting with the Maine Lawyer Basic’s Workplace, The Washington Put up mentioned the attackers stole the non-public info of 9,720 present and former workers and contractors. 

Compromised knowledge contains names, checking account numbers and routing numbers, Social Safety numbers, and tax ID numbers. 

The media firm mentioned it was contacted by the menace actor on September 29. An investigation confirmed that the hackers accessed knowledge between July 10 and August 22.

The disclosure confirms earlier experiences that exploitation of the Oracle EBS vulnerabilities might have began as early as July, months earlier than the patches have been launched.Commercial. Scroll to proceed studying.

The Washington Put up is among the many few organizations named on the Cl0p web site which have confirmed being impacted by the Oracle EBS marketing campaign. 

Confirmed victims additionally embody Hitachi subsidiary GlobalLogic, Harvard College, and American Airways subsidiary Envoy Air. Different main corporations have but to verify influence, both as a result of their investigations are ongoing or as a result of they’re making an attempt to keep up a low profile.

Associated: NHS Investigating Oracle EBS Hack Claims

Associated: Industrial Giants Schneider Electrical and Emerson Named as Victims of Oracle Hack

Associated: Akira Ransomware Group Made $244 Million in Ransom Proceeds

Security Week News Tags:, , , , ,

Related Posts

Radical Empowerment From Your Leadership: Understood by Few, Essential for All Security Week News
Air France, KLM Say Hackers Accessed Customer Data Security Week News
Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers Security Week News
In Other News: 600k Hit by Healthcare Breaches, Major ShinyHunters Hacks, DeepSeek’s Coding Bias Security Week News
Ray Security Emerges From Stealth With $11M to Bring Real-Time, AI-Driven Data Protection Security Week News
Critical Authentication Bypass Flaw Patched in Teleport Security Week News