Oracle EBS Extortion Emails Linked to Clop Gang

Cyber Security News by CyberSum.net

Published on October 2, 2025 at 12:51 PM

3 sources

A widespread extortion campaign is targeting executives at companies that use Oracle E-Business Suite. Attackers are sending high-volume emails from compromised accounts, claiming to have stolen sensitive data from the organizations' systems. While the data theft claims have not yet been verified, security researchers have linked the campaign's tactics and contact information to the notorious Clop extortion group. The group is known for exploiting vulnerabilities to steal data and then demanding ransom payments. Organizations receiving these threatening emails are advised to investigate their Oracle environments for any signs of unauthorized access.

Also Read

Salesforce Customer Data Leaked in Massive Extortion Plot

A hacking collective known as Scattered LAPSUS$ Hunters has launched a data leak site to extort dozens of companies. The group is threatening to release approximately one billion records stolen from victims' Salesforce instances if ransoms are not paid. High-profile organizations are listed on the site with samples of their stolen data, which includes sensitive customer and employee information. The threat actors are also pressuring Salesforce directly to pay a ransom to prevent the data of all its affected customers from being leaked. While the attacks targeted individual customer accounts, the cloud service provider states its core platform was not compromised.

By Cyber Security News by CyberSum.netOctober 3, 2025 at 06:00 PM