Clop extortion emails claim theft of Oracle E-Business Suite data

The Clop ransomware gang has escalated its extortion tactics by sending threatening emails to victims, claiming they have stolen sensitive data from Oracle E-Business Suite environments. These emails warn organizations that their stolen data will be leaked unless a ransom is paid, highlighting the growing trend of ransomware groups combining data theft with extortion to increase pressure on victims. Oracle E-Business Suite is a widely used enterprise resource planning (ERP) software, and the compromise of such systems can lead to significant operational and financial damage. The Clop group is known for targeting large enterprises and has been active in exploiting vulnerabilities to gain unauthorized access to corporate networks. This incident underscores the importance of robust cybersecurity measures, including timely patching, network segmentation, and employee awareness to defend against sophisticated ransomware attacks. Organizations using Oracle E-Business Suite should review their security posture and monitor for any signs of compromise to mitigate potential risks. The rise of extortion emails linked to ransomware attacks signals a shift in cybercriminal strategies, emphasizing the need for comprehensive incident response plans and collaboration with cybersecurity experts to address these threats effectively.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 02 Oct 2025 03:30:03 +0000

Cyber News related to Clop extortion emails claim theft of Oracle E-Business Suite data

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com

Clop extortion emails claim theft of Oracle E-Business Suite data - The Clop ransomware gang has escalated its extortion tactics by sending threatening emails to victims, claiming they have stolen sensitive data from Oracle E-Business Suite environments. These emails warn organizations that their stolen data will be ...
2 months ago Bleepingcomputer.com Clop

Emails claim Oracle data theft in new Clop-linked extortion campaign - A new extortion campaign linked to the Clop ransomware group is targeting Oracle with emails claiming data theft. These emails allege that sensitive Oracle data has been stolen and threaten to release it unless a ransom is paid. This campaign ...
2 months ago Bleepingcomputer.com Clop

Integris Health patients get extortion emails after cyberattack - Integris Health patients in Oklahoma are receiving blackmail emails stating that their data was stolen in a cyberattack on the healthcare network, and if they did not pay an extortion demand, the data would be sold to other threat actors. Integris ...
2 years ago Bleepingcomputer.com Hunters

31 Alarming Identity Theft Statistics for 2024 - Identity theft is a prevalent issue that affects millions of people annually. Although the numbers are startling, we've selected the 31 most concerning identity theft statistics to help you understand how to secure your identity. In 2022, the FTC ...
1 year ago Pandasecurity.com

Oracle’s First Security Update for 2023 Includes 327 New Patches - Oracle has released its first security update of 2023, delivering 327 new security fixes and patching a range of critical vulnerabilities. This update covers products spanning across Oracle’s Cloud portfolio, Fusion Middleware, Hyperion, E-Business ...
2 years ago Securityweek.com

CVE-2016-0635 - Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, ...
6 years ago

Oracle links Clop extortion attacks to July security flaws - Oracle has linked the Clop ransomware extortion group to a series of attacks exploiting security vulnerabilities disclosed in July. These flaws, which affect Oracle products, have been leveraged by Clop to conduct targeted extortion campaigns against ...
2 months ago Bleepingcomputer.com CVE-2023-21839 CVE-2023-21840 CVE-2023-21841 Clop

Oracle patches EBS zero-day exploited in Clop data theft attacks - Oracle has released critical security patches addressing a zero-day vulnerability in its E-Business Suite (EBS) software, which has been actively exploited by the Clop ransomware group. This vulnerability allowed attackers to gain unauthorized access ...
2 months ago Bleepingcomputer.com CVE-2023-21839 Clop

Auto parts giant AutoZone warns of MOVEit data breach - AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. AutoZone is the leading retailer and distributor of automotive spare parts and accessories in the U.S., operating ...
2 years ago Bleepingcomputer.com

Clop ransomware gang targets executives with extortion emails - The Clop ransomware group has escalated its extortion tactics by directly targeting corporate executives with threatening emails. These emails demand ransom payments to prevent the release of stolen sensitive data. The campaign highlights the ...
2 months ago Infosecurity-magazine.com Clop

Hertz confirms customer info and drivers' licenses stolen in data breach - Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks. "On February 10, 2025, we confirmed that Hertz data was acquired by ...
8 months ago Bleepingcomputer.com

Hertz confirms customer info, drivers' licenses stolen in data breach - Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks. "On February 10, 2025, we confirmed that Hertz data was acquired by ...
8 months ago Bleepingcomputer.com

Food giant WK Kellogg discloses data breach linked to Clop ransomware - Kellogg is the latest victim of a long list of companies impacted by Clop's Cleo zero-day attacks, with the threat actors gradually disclosing additional victims and stolen data samples several months after the incident. The previous disclosure ...
8 months ago Bleepingcomputer.com CVE-2024-50623

The Latest Identity Theft Methods: Essential Protection Strategies Revealed - Identity theft has evolved far beyond the days of stolen mail and dumpster diving. Today's identity thieves employ sophisticated techniques, including account takeovers and government benefit fraud, making it essential for you to stay vigilant to ...
1 year ago Hackread.com

A version of the Clop ransomware designed for Linux systems was aimed at universities and colleges but had flaws - On December 26, researchers observed the first Clop ransomware variant targeting Linux systems. Clop has been around since 2019, attacking large companies, financial institutions, primary schools, and critical infrastructure around the world. After ...
2 years ago Therecord.media

Oracle says "obsolete servers" hacked, denies cloud breach - BleepingComputer has also separately confirmed with multiple Oracle customers that samples of the leaked data (including associated LDAP display names, email addresses, given names, and other identifying information) received from the threat actor ...
8 months ago Bleepingcomputer.com

Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
1 year ago Gbhackers.com

The Clop Ransomware Vulnerability Enabled Linux Users to Retrieve Their Files for an Extended Period of Time - The Clop ransomware gang has recently been spotted using a malware variant that is specifically designed to target Linux servers. However, a flaw in the encryption scheme has allowed victims to recover their files without paying the criminals any ...
2 years ago Bleepingcomputer.com

Unmasking Identity Theft: Detection and Mitigation Strategies - In an increasingly digital world, the threat of identity theft looms large, making it imperative for individuals to be proactive in detecting potential breaches and implementing effective mitigation measures. This article delves into key strategies ...
2 years ago Cybersecurity-insiders.com

Oracle privately confirms Cloud breach to customers - This comes after a threat actor (known as rose87168) put up for sale 6 million data records on BreachForums on March 20 and released multiple text files containing a sample database, LDAP information, and a list of the companies as proof that the ...
8 months ago Bleepingcomputer.com

Energy giant Schneider Electric hit by Cactus ransomware attack - Energy management and automation giant Schneider Electric suffered a Cactus ransomware attack leading to the theft of corporate data, according to people familiar with the matter. BleepingComputer has learned that the ransomware attack hit the ...
1 year ago Bleepingcomputer.com Cactus

Hackers email stolen student data to parents of Nevada school district - The Clark County School District in Nevada is dealing with a potentially massive data breach, as hackers email parents their children's' data that was allegedly stolen during a recent cyberattack. CCSD is the fifth largest school district in the US, ...
2 years ago Bleepingcomputer.com

Cybersecurity Training for Business Leaders - This article explores the significance of cybersecurity training for business leaders and its crucial role in establishing a secure and resilient business environment. By examining the key components of effective training programs and the ...
1 year ago Securityzap.com