Executives Targeted by Ransomware Group Claiming Oracle Data Breach

By Patrick Howell O’Neill and Margi Murphy

Executives at major organizations are facing extortion attempts from a notorious ransomware group that claims to have stolen sensitive data through Oracle Corp.’s widely used E-Business Suite applications, according to a Google cybersecurity executive and multiple sources familiar with the matter.

The group, which asserts ties to the criminal organization Cl0p, began sending extortion emails on or before September 29. Genevieve Stark, head of cybercrime at Google Threat Intelligence Group, said the emails were sent from hundreds of compromised third-party accounts and included claims of stolen corporate data.

Oracle’s E-Business Suite is a key tool for many companies, managing critical operations such as finance, supply chain, and customer relationship management. A breach involving these applications could expose highly sensitive information, putting organizations at significant risk.

Cybersecurity experts warn that ransomware and extortion attempts are increasingly targeting executives directly, using sophisticated social engineering tactics to pressure companies into paying. They urge organizations to remain vigilant, secure third-party accounts, and ensure regular audits and backups of their critical data.

The investigation is ongoing, and affected companies have yet to publicly confirm the extent of the alleged breaches