Dozens Of Organizations Had Data Stolen In Oracle-Linked Hacks
Security researchers at Google have confirmed that dozens of organizations had data stolen in Oracle-linked hacks, marking one of the most widespread corporate breaches this year. The campaign, tied to the Russia-linked Clop extortion group, exploited multiple flaws in Oracle’s E-Business Suite, targeting corporate executives and sensitive data.
Google Confirms Widespread Oracle Exploits
In a statement shared with TechCrunch, Google revealed that the Clop gang had taken advantage of several security vulnerabilities in Oracle’s enterprise software to steal massive amounts of sensitive data. The affected organizations reportedly include firms that use Oracle’s systems for operations, customer databases, and human resources files — making the breach especially damaging.
Hackers Exploited Oracle’s E-Business Suite
Oracle’s E-Business Suite helps businesses manage critical functions such as employee records, financial systems, and client data. According to Google’s blog post, the Oracle-linked hacks began as early as July 10, long before the attacks were publicly detected.
Oracle admitted earlier this week that the hackers were still actively exploiting its software, even after initial patches were released. This directly contradicts earlier claims by Oracle’s chief security officer, Rob Duhart, who said the vulnerabilities had been addressed. His post was later removed.
The Zero-Day Bug Behind The Oracle Breach
Oracle’s security advisory described the exploited vulnerability as a zero-day bug, meaning the flaw was already being used by attackers before Oracle had time to develop a fix. The company warned that the bug could be “exploited over a network without the need for a username or password,” giving hackers easy access to valuable corporate data.
Clop Ransomware Group Strikes Again
The Clop ransomware and extortion gang, believed to be based in Russia, has become infamous for orchestrating massive data theft campaigns. The group’s previous exploits involved zero-day attacks on managed file transfer tools such as MOVEit, Cleo, and GoAnywhere. These tools, like Oracle’s software, handle large volumes of confidential business data — making them prime targets for cybercriminals.
Google Shares Defense Tips For Affected Organizations
In its post, Google provided a list of technical indicators, including email addresses and digital footprints linked to the attackers. Security teams are urged to check for signs of extortion emails and other activity suggesting that Oracle systems may have been compromised.
What This Means For Businesses
This latest revelation reinforces the importance of patch management and proactive cybersecurity in enterprise software. As attackers increasingly target third-party platforms like Oracle, companies must ensure rapid updates and real-time monitoring to protect sensitive data.
The confirmation that dozens of organizations had data stolen in Oracle-linked hacks underscores how vulnerable even well-established systems can be when exploited by sophisticated ransomware groups.