Hackers Are Sending Extortion Emails To Executives After Claiming Oracle Apps’ Data Breach
Hackers are sending extortion emails to executives, claiming to have stolen data from Oracle applications, and the campaign is raising alarms across global enterprises. The attackers, linked to the Clop ransomware gang, say they have accessed sensitive corporate information from Oracle’s E-Business Suite. While the claims remain unverified, the campaign highlights the growing risks facing executives and IT leaders.
Google Confirms Suspicious Extortion Attempts
Google revealed that hackers began targeting executives with extortion emails on September 29. According to Genevieve Stark, Google’s head of cybercrime analysis, the company has not yet found evidence that Oracle systems were actually breached.
Still, the hackers used hundreds of compromised accounts to send the emails—one of which was tied to a known financially motivated cybercrime group.
How The Clop Ransomware Gang Is Involved
Charles Carmakal, CTO of Google’s Mandiant, confirmed that the hackers included contact details linked to Clop’s dark web leak site. This site is typically used to pressure victims into paying ransoms in exchange for removing stolen files.
Clop is notorious for exploiting zero-day vulnerabilities—software flaws unknown to developers. By leveraging these flaws, the group has breached multiple organizations at once, stealing data on millions of people.
Massive Ransom Demands Targeting Companies
According to Bloomberg, one company was hit with a $50 million ransom demand. Security firm Halcyon noted that hackers are directly targeting IT leaders and C-Suite executives, bypassing traditional communication routes. This direct approach adds psychological pressure, making executives more likely to consider payment.
Exploiting Oracle E-Business Suite
Reports suggest the hackers gained access by exploiting Oracle E-Business Suite web portals. By abusing password-reset features and using stolen credentials, they were able to infiltrate systems.
Oracle’s E-Business Suite is widely used by global enterprises for managing customer databases, HR files, and employee information, which makes it an attractive target for hackers looking to cause widespread disruption.
Oracle’s Silence Raises Concerns
Oracle has not issued a public statement about the alleged breach. Requests for comment have gone unanswered, fueling speculation and uncertainty among organizations that rely heavily on Oracle products.
What This Means For Enterprises
This incident shows how hackers are increasingly targeting executives directly—not just IT infrastructure. Even if Oracle apps were not breached, the extortion emails themselves create fear, confusion, and potential reputational damage for companies.
Cybersecurity experts urge organizations to:
- Monitor for suspicious emails targeting executives.
- Audit Oracle E-Business Suite portals and reset passwords.
- Train leaders to identify social engineering and extortion tactics.
- Establish clear incident response protocols.