- Cl0p ransomware gang leaked Post data after alleged refusal to pay ransom
- Oracle E-Business Suite Zero Day Leveraged to Hack More Than 100 Companies, Including The Washington Post
- Other victims include Harvard, Schneider Electric; law enforcement warns against paying ransoms
We can now add The Washington Post to the growing list of companies hacked due to apparent security issues with some Oracle enterprise software.
In early October 2025, reports broke that hackers were sending letters to executives of various organizations across the United States, warning them that they had stolen their sensitive files through Oracle E-Business Suite systems and demanding payment of a ransom in exchange for the deletion of the stolen files.
Subsequent investigations determined that Oracle’s software was running zero-day remote code execution (RCE) in versions 12.2.3 through 12.2.14. It was also later reported that the attacks took place months before Oracle released a patch and that “dozens” of companies were affected. These “dozens” increased to “more than a hundred”. Two hacker collectives are linked to this campaign: FIN11, financially motivated, and the infamous Cl0p ransomware gang.
No evidence of abuse
The Post released a statement confirming he was also a victim of the attack.
At the same time, Cl0p added the Washington Post to its data leak site, stating that the company “ignored their security,” which, according to TechCrunch, means it decided not to pay the ransom demand. We don’t know how much money Cl0p asked the Post for, but previous reports claimed one victim was asked for $50 million.
News of Oracle-related hacks has been coming for some time, and several other high-profile companies have been confirmed to have been affected, including Harvard University, Schneider Electric, Pan American Steel, and Cox Enterprises.
The full list of victims is not publicly available and probably never will be. There is a good chance that some of the victims will pay the ransom demand and will never be listed on the Cl0p data leak site.
Law enforcement generally advises against paying the demanded ransom, saying it motivates threat actors to mount even more attacks and gives them the funds to continue their operations.
Via TechCrunch
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
