NewForTech

Home » Latest » Security » The Washington Post confirms that there was a data breach involving Oracle

The Washington Post confirms that there was a data breach involving Oracle

0 hits

Lock on Laptop Screen
2 minutes

Written by

Tech Insider (NewForTech Editorial Team)

in

  • The Cl0p ransomware gang leaked email data after refusing to pay a ransom
  • The Oracle E-Business Suite zero-day attack was used to hack more than 100 companies, including The Washington Post.
  • Other victims include Harvard, Schneider Electric; Police warn of paying ransom

Now we can add Washington Post to the growing list of companies that have come under fire for apparent security issues with some Oracle business software.

In early October 2025, it was revealed that hackers had sent emails to executives of several organizations in the United States warning them that their confidential files had been stolen through Oracle E-Business Suite systems and demanding a ransom in exchange for deleting the stolen files.

Further investigation revealed that Oracle software versions 12.2.3 through 12.2.14 had zero-day remote code execution (RCE). It was also later reported that the attacks occurred months before Oracle released a patch and that “dozens” of companies were affected. The ‘ten’ became ‘more than a hundred’. Two hacker collectives are linked to this campaign: the financially motivated FIN11 group and the infamous Cl0p ransomware gang.

There is no evidence of abuse

The Post issued a statement confirming he was also a victim of the attack.

At the same time, Cl0p added to the Washington Post on its website about the data breach, claiming that the company had “ignored security”, which, according to TechCrunch, meant that it had decided not to pay the ransom. We don’t know how much money Cl0p asked for from the post office, but previous reports suggested that one victim asked for $50 million.

Reports of Oracle-related hacker attacks have been circulating for some time. Other major companies were also confirmed to be affected, including Harvard University, Schneider Electric, Pan American Steel and Cox Enterprises.

The full list of victims is not available to the public and probably never will be. There is a high chance that some victims will pay the ransom and never appear on the Cl0p data breach site.

Law enforcement officials generally advise against paying the requested ransom because this will motivate criminals to carry out more attacks and provide them with the resources they need to continue their operations.

IN TechCrunch