The Cl0p ransomware group, known for high-profile attacks, has claimed responsibility for breaching the NHS, highlighting vulnerabilities in Oracle’s E-Business Suite (EBS) related to CVE-2025-61882. The NHS serves over 1.3 million patients daily, and the organization is collaborating with the National Cyber Security Centre to investigate the incident. Despite Cl0p’s announcement, the NHS has emphasized that there is no public data leak from the breach.
As part of a wider campaign that targeted over 40 organizations, Cl0p has indicated that NHS’s shortcomings in cybersecurity are a concern for public safety. Security experts have noted that the critical vulnerability allows for remote code execution on unpatched Oracle EBS servers, which are vital in healthcare operations. This incident underscores the importance of timely patching and multi-factor authentication in preventing attacks. The investigation is ongoing, and while no data exfiltration has been confirmed, the risk to public health services remains significant, as previous breaches have led to serious consequences.
👉 Pročitaj original: Cyber Security News
