{"id":3530,"date":"2025-11-17T08:29:09","date_gmt":"2025-11-17T08:29:09","guid":{"rendered":"https:\/\/ft365.org\/index.php\/2025\/11\/17\/globallogic-becomes-latest-cl0p-victim-after-oracle-ebs-attack\/"},"modified":"2025-11-17T08:29:09","modified_gmt":"2025-11-17T08:29:09","slug":"globallogic-becomes-latest-cl0p-victim-after-oracle-ebs-attack","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2025\/11\/17\/globallogic-becomes-latest-cl0p-victim-after-oracle-ebs-attack\/","title":{"rendered":"GlobalLogic Becomes Latest Cl0p Victim After Oracle EBS Attack"},"content":{"rendered":"<div>\n<p><img decoding=\"async\" src=\"https:\/\/ft365.org\/wp-content\/uploads\/2025\/06\/localimages\/ea721ff9-8ba4-4d88-b386-57e9e1606077.jpg?width=64&#038;height=64&#038;mode=crop&#038;scale=both&#038;format=webp\" alt=\"Photo of Phil Muncaster\" loading=\"lazy\"><\/p>\n<\/div>\n<div id=\"cphContent_pnlArticleBody\">\n<div id=\"layout-a23379ef-6c49-44f4-856d-24fc5ee57d70\" data-layout-id=\"2\" data-edit-folder-name=\"text\" data-index=\"0\">\n<p>US-headquartered GlobalLogic has notified thousands of current and former employees that their data was compromised in a recent large-scale data extortion campaign.<\/p>\n<p>According to a notification letter posted to the Office of the Maine Attorney General, the Hitachi-owned software company informed 10,471 individuals about the data breach, which targeted its Oracle E-Business Suite (EBS) platform.<\/p>\n<p>\u201cOracle issued a security advisory on October 4, 2025, about a previously unknown zero-day exploit. GlobalLogic uses Oracle EBS, a collection of applications, to manage core business functions such as finance, HR, accounts payable and receivable,\u201d the breach notification letter read.<\/p>\n<p>\u201cAs soon as we learned of the vulnerability, GlobalLogic immediately investigated and determined that it had been exploited within our instance of Oracle.\u201d<\/p>\n<p><em>Read more on Oracle EBS campaign: NCSC: Patch Critical Oracle EBS Bug Now<\/em><\/p>\n<p>The firm patched the zero-day bug, but its investigation confirmed that data had been exfiltrated on October 9\u00a02025.<\/p>\n<p>Oracle had confirmed that threat actors were likely exploiting \u201cvulnerabilities\u201d on October 2, with Google Mandiant confirming the news four days later.<\/p>\n<h2>Phishing Risk For Employees<\/h2>\n<p>\u201cThe personal information involved in this incident was from our Oracle platform, which includes HR information for current and former personnel,\u201d the notification letter continued.<\/p>\n<p>\u201cThat information includes personal information collected as part of Human Resources, and could involve the following information of yours: name, address, phone number, emergency contact (name and phone number), email, date of birth, nationality, country of birth, passport information, internal GlobalLogic employee number, national identifier or tax identifier such as Social Security Number, salary information, bank account information, and routing number.\u201d<\/p>\n<p>This kind of information would be a treasure trove for threat actors looking to launch follow-on phishing campaigns impersonating GlobalLogic and other organizations, or to commit identity fraud.<\/p>\n<p>The firm didn\u2019t share whether it had been contacted by the threat group behind the campaign, the notorious Cl0p outfit. However, Google said it\u2019s aware of dozens of victims, although the final tally could be over 100.<\/p>\n<p>The only other victim organizations\u00a0to have been identified publicly to date are Harvard University and Envoy Air.<\/p>\n<\/p><\/div>\n<p>Image credit:\u00a0CryptoFX \/ Shutterstock.com<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>US-headquartered GlobalLogic has notified thousands of current and former employees that their data was compromised in a recent large-scale data extortion campaign. According to a notification letter posted to the Office of the Maine Attorney General, the Hitachi-owned software company informed 10,471 individuals about the data breach, which targeted its Oracle E-Business Suite (EBS) platform.<\/p>\n","protected":false},"author":2,"featured_media":3531,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3530","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64.jpg",300,300,false],"thumbnail":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64-150x150.jpg",150,150,true],"medium":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64.jpg",300,300,false],"medium_large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64.jpg",300,300,false],"large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64.jpg",300,300,false],"1536x1536":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64.jpg",300,300,false],"2048x2048":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64.jpg",300,300,false],"morenews-featured":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64.jpg",300,300,false],"morenews-large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64.jpg",300,300,false],"morenews-medium":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64.jpg",300,300,false],"crawlomatic_preview_image":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/11\/3530-4b00549d-2bdc-4902-99f1-30ceca8dac64-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"http:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"<a href=\"http:\/\/ft365.org\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/3530","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=3530"}],"version-history":[{"count":0,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/3530\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/3531"}],"wp:attachment":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=3530"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=3530"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=3530"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}