Hundreds of Oracle E-Business Suite Users Hit by Sophisticated Email Hack
Hundreds of Oracle E-Business Suite users have fallen victim to a sophisticated email hacking campaign, with attackers exploiting the software's default password reset feature. The campaign, believed to be the work of the financially motivated hacker group FIN11 and the Cl0p ransomware group, began on or before September 29, 2025.
The attackers are suspected of using Cl0p ransomware, which has been linked to major attacks in recent years. FIN11, operating from the Commonwealth of Independent States (CIS) since August 2020, has been targeting organizations across various industries. In one instance, the group demanded a ransom of up to $50 million, according to cybersecurity firm Halcyon. The group claims to have stolen Oracle E-Business Suite data and is now threatening to leak it if their ransom demands are not met.
Google is tracking the extortion campaign, with reports indicating that the attackers likely gained access to user emails and exploited the default password reset function to steal valid credentials.
The campaign has compromised hundreds of accounts, highlighting the need for robust cybersecurity awareness and regular software updates in my business. Oracle and its users are urged to take immediate action to secure their systems and protect sensitive business data. The investigation into the attack is ongoing, with cybersecurity experts and law enforcement agencies working together to identify and apprehend those responsible.
Read also:
- Mural at blast site in CDMX commemorates Alicia Matías, sacrificing life for granddaughter's safety
- Microsoft's Patch Tuesday essential fixes: 12 critical vulnerabilities alongside a Remote Code Execution flaw in SharePoint
- Taiwan Bolsters Military Readiness, Joins West in Standing Against Aggression
- Zaporizhzhia Nuclear Plant Faces Crisis as Last Power Line Damaged
