Emails claim Oracle data theft in new Clop-linked extortion campaign

A new extortion campaign linked to the Clop ransomware group is targeting Oracle with emails claiming data theft. These emails allege that sensitive Oracle data has been stolen and threaten to release it unless a ransom is paid. This campaign highlights the ongoing trend of ransomware groups using data theft and extortion tactics to pressure victims into paying. Clop, known for its sophisticated ransomware operations, continues to evolve its attack methods by combining ransomware deployment with data exfiltration and public shaming. Organizations, especially large enterprises like Oracle, are prime targets due to the valuable data they hold. The campaign underscores the importance of robust cybersecurity measures, including email filtering, employee training, and incident response planning to mitigate such threats. Businesses should also monitor for signs of data breaches and be prepared for potential extortion attempts. This incident serves as a reminder of the growing risks posed by ransomware groups and the need for comprehensive defense strategies to protect sensitive information and maintain operational integrity.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 02 Oct 2025 03:15:05 +0000

Cyber News related to Emails claim Oracle data theft in new Clop-linked extortion campaign

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com

Emails claim Oracle data theft in new Clop-linked extortion campaign - A new extortion campaign linked to the Clop ransomware group is targeting Oracle with emails claiming data theft. These emails allege that sensitive Oracle data has been stolen and threaten to release it unless a ransom is paid. This campaign ...
2 months ago Bleepingcomputer.com Clop

Clop extortion emails claim theft of Oracle E-Business Suite data - The Clop ransomware gang has escalated its extortion tactics by sending threatening emails to victims, claiming they have stolen sensitive data from Oracle E-Business Suite environments. These emails warn organizations that their stolen data will be ...
2 months ago Bleepingcomputer.com Clop

31 Alarming Identity Theft Statistics for 2024 - Identity theft is a prevalent issue that affects millions of people annually. Although the numbers are startling, we've selected the 31 most concerning identity theft statistics to help you understand how to secure your identity. In 2022, the FTC ...
1 year ago Pandasecurity.com

Integris Health patients get extortion emails after cyberattack - Integris Health patients in Oklahoma are receiving blackmail emails stating that their data was stolen in a cyberattack on the healthcare network, and if they did not pay an extortion demand, the data would be sold to other threat actors. Integris ...
2 years ago Bleepingcomputer.com Hunters

Oracle links Clop extortion attacks to July security flaws - Oracle has linked the Clop ransomware extortion group to a series of attacks exploiting security vulnerabilities disclosed in July. These flaws, which affect Oracle products, have been leveraged by Clop to conduct targeted extortion campaigns against ...
2 months ago Bleepingcomputer.com CVE-2023-21839 CVE-2023-21840 CVE-2023-21841 Clop

CVE-2016-0635 - Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, ...
6 years ago

Clop ransomware gang targets executives with extortion emails - The Clop ransomware group has escalated its extortion tactics by directly targeting corporate executives with threatening emails. These emails demand ransom payments to prevent the release of stolen sensitive data. The campaign highlights the ...
2 months ago Infosecurity-magazine.com Clop

Food giant WK Kellogg discloses data breach linked to Clop ransomware - Kellogg is the latest victim of a long list of companies impacted by Clop's Cleo zero-day attacks, with the threat actors gradually disclosing additional victims and stolen data samples several months after the incident. The previous disclosure ...
8 months ago Bleepingcomputer.com CVE-2024-50623

Auto parts giant AutoZone warns of MOVEit data breach - AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. AutoZone is the leading retailer and distributor of automotive spare parts and accessories in the U.S., operating ...
2 years ago Bleepingcomputer.com

Hertz confirms customer info and drivers' licenses stolen in data breach - Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks. "On February 10, 2025, we confirmed that Hertz data was acquired by ...
8 months ago Bleepingcomputer.com

Hertz confirms customer info, drivers' licenses stolen in data breach - Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks. "On February 10, 2025, we confirmed that Hertz data was acquired by ...
8 months ago Bleepingcomputer.com

The Latest Identity Theft Methods: Essential Protection Strategies Revealed - Identity theft has evolved far beyond the days of stolen mail and dumpster diving. Today's identity thieves employ sophisticated techniques, including account takeovers and government benefit fraud, making it essential for you to stay vigilant to ...
1 year ago Hackread.com

A version of the Clop ransomware designed for Linux systems was aimed at universities and colleges but had flaws - On December 26, researchers observed the first Clop ransomware variant targeting Linux systems. Clop has been around since 2019, attacking large companies, financial institutions, primary schools, and critical infrastructure around the world. After ...
2 years ago Therecord.media

Oracle patches EBS zero-day exploited in Clop data theft attacks - Oracle has released critical security patches addressing a zero-day vulnerability in its E-Business Suite (EBS) software, which has been actively exploited by the Clop ransomware group. This vulnerability allowed attackers to gain unauthorized access ...
2 months ago Bleepingcomputer.com CVE-2023-21839 Clop

Oracle’s First Security Update for 2023 Includes 327 New Patches - Oracle has released its first security update of 2023, delivering 327 new security fixes and patching a range of critical vulnerabilities. This update covers products spanning across Oracle’s Cloud portfolio, Fusion Middleware, Hyperion, E-Business ...
2 years ago Securityweek.com

Threat Group Using Rare Data Transfer Tactic in New RemcosRAT Campaign - A threat actor known for repeatedly targeting organizations in Ukraine with the RemcosRAT remote surveillance and control tool is back at it again, this time with a new tactic for transferring data without triggering endpoint detection and response ...
1 year ago Darkreading.com

Possible Clop campaign extorting executives with stolen data - A recent cyber extortion campaign possibly linked to the Clop ransomware group has been targeting executives by threatening to leak their stolen data. This campaign represents a sophisticated evolution in ransomware tactics, focusing on high-profile ...
2 months ago Therecord.media Clop

The Clop Ransomware Vulnerability Enabled Linux Users to Retrieve Their Files for an Extended Period of Time - The Clop ransomware gang has recently been spotted using a malware variant that is specifically designed to target Linux servers. However, a flaw in the encryption scheme has allowed victims to recover their files without paying the criminals any ...
2 years ago Bleepingcomputer.com

Oracle says "obsolete servers" hacked, denies cloud breach - BleepingComputer has also separately confirmed with multiple Oracle customers that samples of the leaked data (including associated LDAP display names, email addresses, given names, and other identifying information) received from the threat actor ...
8 months ago Bleepingcomputer.com

Unmasking Identity Theft: Detection and Mitigation Strategies - In an increasingly digital world, the threat of identity theft looms large, making it imperative for individuals to be proactive in detecting potential breaches and implementing effective mitigation measures. This article delves into key strategies ...
2 years ago Cybersecurity-insiders.com

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH - A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances. These breaches have ...
4 months ago Bleepingcomputer.com Hunters Scattered Spider

CVE-2008-7092 - Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a ...
8 years ago

Chainalysis: 2023 a 'watershed' year for ransomware - 2022 was generally seen as a down year for ransomware. CrowdStrike saw the average ransom payment drop from $5.7 million in 2021 to $4.1 million in 2022; Mandiant said it responded to 15% fewer ransomware incidents in 2022 than the previous year. ...
1 year ago Techtarget.com

Russian Cyberattackers Launch Multiphase PsyOps Campaign - Russia-linked threat actors employed both PysOps and spear-phishing to target users over several months at the end of 2023 in a multiwave campaign aimed at spreading misinformation in Ukraine and stealing Microsoft 365 credentials across Europe. The ...
1 year ago Darkreading.com