The Washington Post has acknowledged being among the organizations compromised in a hacking campaign linked to Oracle’s business software suite.
Reuters initially broke the story on Friday, quoting a statement from the newspaper confirming it was impacted “by the breach of the Oracle E-Business Suite platform.”
A representative for the Post did not promptly address TechCrunch’s request seeking their input.
When contacted via email, Oracle’s representative, Michael Egbert, directed TechCrunch to the company’s previously released advisories, without addressing our specific inquiries.
Last month, Google indicated that the Clop ransomware group was actively targeting companies by exploiting various vulnerabilities found in Oracle’s E-Business Suite software, utilized by businesses for essential operations, including storing HR records and other sensitive data.
According to Google, these exploits enabled the hackers to exfiltrate business data and employee records belonging to over 100 companies.
The campaign by the hackers commenced in late September, with corporate executives reporting the receipt of extortion emails originating from addresses previously connected to the Clop gang. These emails claimed that hackers had acquired extensive sensitive internal business data and personal employee details from compromised Oracle systems.
Halcyon, an anti-ransomware company, informed TechCrunch that the hackers were demanding a ransom of $50 million from one executive at a victimized company.
On Thursday, Clop asserted on its website that it had successfully hacked The Washington Post, alleging the company “ignored their security,” a typical phrase used by the Clop group when a victim fails to meet their ransom demands.
It’s common practice for ransomware or extortion groups, such as Clop, to disclose the identities and leaked data of their victims as a form of coercion, suggesting that the victim either hasn’t engaged in payment negotiations or that negotiations have failed.
Numerous other entities have verified their compromise due to the Oracle E-Business hacks, notably Harvard University and Envoy, a subsidiary of American Airlines.
