Google Warns More Than 100 Companies Hit in Major Oracle Hacking Campaign | NTD

Google's cybersecurity division revealed that the notorious Clop ransomware group exploited a previously unknown Oracle E-Business Suite vulnerability, potentially affecting over 100 companies in what could become one of 2025's largest data breaches.

The sophisticated attack began as early as August, targeting Oracle's widely-used business software that manages customer relationships, suppliers, and logistics operations. Hackers exploited the zero-day vulnerability weeks before security patches became available, stealing massive amounts of customer data through custom malware and encrypted communication channels.

• Clop ransomware group launched extensive extortion campaign targeting Oracle E-Business Suite users across multiple industries
• Hackers exploited CVE-2025-61882 vulnerability for weeks before Oracle released emergency security patches on October 4
• Attack methodology included multi-stage infiltration with custom malware stored directly in Oracle databases to avoid detection
• Google expects victim count to exceed 100 companies based on previous Clop campaign patterns and current breach scope