Oracle Apps Data Breach: Hackers Send Extortion Emails to Executives

Ransomware Group Targets Large Organizations

Google has reported that hackers linked to a highly active ransomware operation are dispatching extortion emails to executives at a significant number of large companies.

These emails follow claims of successful data theft from various business software applications created by Oracle.

Details of the Cybercrime Activity

Genevieve Stark, Google’s lead in cybercrime analysis, released a statement to TechCrunch indicating the emails began circulating around September 29th.

However, Google has not yet verified the validity of the hackers’ assertions regarding stolen data.

The emails originated from hundreds of compromised accounts, including one associated with a financially motivated cybercrime group known to be connected to the Clop ransomware gang.

Clop's Tactics and Impact

Charles Carmakal, CTO of Google’s Mandiant incident response team, explained to TechCrunch that the malicious emails included contact details featured on Clop’s data leak site.

This site is utilized by the hackers to exert pressure on victims to pay a ransom for the removal of their compromised files.

Clop has a history of targeting numerous companies, frequently exploiting previously unknown security vulnerabilities – often referred to as zero-day vulnerabilities.

These vulnerabilities allow the group to simultaneously breach multiple organizations, resulting in the theft of data pertaining to potentially tens of millions of individuals.

Extortion Demands and Access Methods

Reports from Bloomberg indicate that one affected company faced a ransom demand of $50 million, as cited by the counter-ransomware firm Halcyon.

Cynthia Kaiser of Halcyon confirmed to TechCrunch via email that the extortion attempts involve “direct outreach to IT leaders and C-Suite executives.”

The hackers reportedly gained access by compromising user emails and exploiting the default password-reset functionality of internet-accessible Oracle E-Business Suite web portals.

Oracle E-Business Suite and its Importance

Oracle E-Business Suite is a comprehensive suite of products designed to assist companies in managing crucial data, including customer databases, employee records, and human resources information.

Oracle states that thousands of organizations globally depend on its E-Business Suite for core business operations.

A request for comment directed to Oracle spokesperson Deborah Hellinger on Thursday went unanswered.

Seeking Further Information

Do you possess additional information concerning this extortion campaign? Are you an executive who has received a threat? We are interested in hearing from you, and anonymity will be maintained.