Google has announced that an ambitious hacking campaign targeting Oracle’s suite of business products has likely impacted over 100 organizations.
According to the company, “mass amounts of customer data” were stolen in an operation that may have been active for up to three months. Google’s early assessment suggests that dozens of victims are already confirmed, but given the scale of previous campaigns by the group CL0P, the number of affected organizations is expected to rise.
The hackers exploited vulnerabilities in Oracle’s E-Business Suite (EBS), used by many companies for managing logistics, suppliers, human resources, and other core operations, to gain unauthorized access. In some cases, the attackers successfully exfiltrated significant amounts of data, according to Google and its Mandiant subsidiary.
To mitigate further damage, Google advised Oracle clients to apply emergency security patches (especially those released on October 4), audit affected systems, monitor logs for suspicious activity, and restrict outbound network access where possible.
Oracle has confirmed that customers of its EBS have received extortion emails demanding ransom, though the company has not disclosed the total number of impacted clients.
The full extent of the breach is still being assessed, but the incident underscores growing risks associated with supply-chain and enterprise software vulnerabilities in critical business infrastructure.
About the Author
