Washington Post Data Breach: Linked to Oracle Hacks

Washington Post Targeted in Oracle Software Hack

The Washington Post has confirmed it was compromised in a hacking incident linked to vulnerabilities within Oracle’s suite of corporate software applications.

Initial Reports and Confirmation

News of the breach was initially reported by Reuters on Friday. The newspaper released a statement acknowledging its systems were impacted “by the breach of the Oracle E-Business Suite platform.”

A representative from The Post did not provide an immediate response to a request for comment from TechCrunch.

Oracle's Response

When contacted via email, Oracle spokesperson Michael Egbert directed TechCrunch to previously released security advisories. He did not address specific inquiries regarding the incident.

Clop Ransomware Gang and the Exploits

Last month, Google identified the Clop ransomware group as exploiting multiple security flaws in Oracle’s E-Business Suite software. This software is widely used by businesses for critical operations, including HR data management and storage of sensitive information.

According to Google, the exploitation resulted in the theft of customer data and employee records from over 100 organizations.

Timeline of the Attack

The hacking campaign surfaced in late September. Executives at affected companies began receiving extortion demands from email addresses associated with the Clop gang.

These messages claimed substantial amounts of confidential business data and personal employee information had been stolen from compromised Oracle systems.

Ransom Demands

Halcyon, an anti-ransomware firm, reported that the hackers demanded a $50 million ransom payment from one executive at a targeted company.

Clop's Claim of Responsibility

On Thursday, Clop publicly claimed responsibility for hacking The Washington Post on its website. The group stated the company “ignored their security,” a common tactic used when victims fail to meet ransom demands.

Extortion Tactics

It is typical for ransomware and extortion groups, such as Clop, to publicly disclose the names of victims and samples of stolen data. This serves as a pressure tactic, often indicating failed or broken negotiations.

Other Affected Organizations

Harvard University and Envoy, a subsidiary of American Airlines, have also confirmed they were affected by the Oracle E-Business Suite hacks.

These incidents highlight the growing threat to organizations utilizing Oracle’s corporate software and the increasing sophistication of ransomware groups.