The Washington Post has confirmed that it was among the victims of a major hacking campaign linked to Oracle’s suite of corporate software applications.
The newspaper said it was affected “by the breach of the Oracle E-Business Suite platform,” according to a statement first reported by Reuters.
The attack is part of a wider campaign that targeted companies using Oracle’s E-Business Suite, a platform widely used for managing business operations, human resources, and sensitive corporate data. Last month, Google revealed that the ransomware group known as Clop was behind these attacks, exploiting multiple vulnerabilities in Oracle’s software to steal business and employee information from more than 100 organizations.
The hacking campaign reportedly began in late September, when company executives started receiving extortion emails sent from addresses linked to the Clop gang. The hackers claimed to have stolen large amounts of confidential business data and personal employee details from Oracle systems. In some cases, Clop demanded enormous ransom payments; one company executive was reportedly asked to pay $50 million to prevent data exposure.
On Thursday, Clop claimed responsibility for hacking The Washington Post, saying the company had “ignored their security.” The group often uses such statements to pressure victims who refuse to pay or end negotiations. It’s a common tactic among ransomware and extortion gangs, who frequently release victim names or stolen files to increase leverage.
Oracle has not issued new comments on the breach but referred inquiries to its previous advisories addressing the vulnerabilities. Several other major organizations, including Harvard University and Envoy, a subsidiary of American Airlines, have also confirmed being impacted by the Oracle E-Business Suite attacks.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
