Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims

Cox Enterprises has confirmed that its Oracle E-Business Suite (EBS) instance was impacted in the recent cybercrime campaign that has targeted many organizations.

The company said the attackers obtained personal information belonging to nearly 9,500 individuals after breaching its Oracle EBS instance between August 9 and August 14.

The number of organizations named on the Cl0p website — apparently as victims of the Oracle EBS hack — has exceeded 100, and nearly half of them are major companies in sectors such as IT, telecommunications, healthcare and pharmaceuticals, heavy industry and manufacturing, automotive and transportation, retail, energy and utilities, and media.

Cl0p has been the public-facing group to take credit for the Oracle EBS campaign, but the cybersecurity community has linked the attacks to an unknown cluster of a threat actor tracked as FIN11, which was also responsible for similar operations targeting customers of Cleo, MOVEit, and Fortra file transfer products.

To read the complete article see: SecurityWeek