GlobalLogic, a digital engineering company, reported being affected by a substantial data theft and extortion scheme associated with a zero-day vulnerability in Oracle E-Business Suite. The attack, linked to the Clop ransomware group, exposed sensitive employee information, including Social Security numbers and bank details, of approximately 10,500 current and former employees. Upon detection of the breach on October 9, GlobalLogic confirmed the initial intrusion occurred on July 10.
In response to the incident, GlobalLogic activated its incident response procedures, notified law enforcement, and engaged third-party organizations for further investigation. They also promptly applied patches released by Oracle to mitigate the vulnerability after its disclosure on October 4. Industry experts suggest that numerous organizations have been impacted by Clop’s exploitation of multiple vulnerabilities within the Oracle platform, indicating a widespread threat to customers. According to reports, Clop’s ransom demands have reached significant amounts, contributing to a tense environment for affected organizations, which also includes Envoy Air and others.
👉 Pročitaj original: CyberScoop
