The Washington Post has announced it was a victim of a hacking campaign linked to Oracle’s corporate software. Reuters first reported the news, citing a statement from the newspaper confirming it was affected by a breach of the Oracle E-Business Suite platform. A spokesperson for the Post did not immediately respond to a request for comment.
Oracle spokesperson Michael Egbert referred inquiries to two security advisories the company had previously posted and did not answer specific questions.
Last month, Google reported that the ransomware gang known as Clop was targeting companies by exploiting multiple vulnerabilities in Oracle’s E-Business Suite software. This software is used by companies for business operations, storing human resources files, and other sensitive data. According to Google, these exploits allowed hackers to steal customer business data and employee records from more than one hundred companies.
The hacking campaign began in late September. At that time, corporate executives reported receiving extortion emails from addresses previously linked to the Clop gang. The messages claimed the hackers had stolen large amounts of sensitive internal business data and employees’ personal information from compromised Oracle systems. The anti-ransomware firm Halcyon stated that hackers demanded one executive at an affected company pay a fifty million dollar ransom.
On Thursday, Clop claimed on its website that it had hacked The Washington Post. The group stated that the company had ignored its security, which is language the gang typically uses when a victim does not pay. It is common for ransomware gangs to publicize their victims’ names and stolen files as a pressure tactic. This often suggests the victim has not negotiated a payment or that negotiations have broken down.
Several other organizations have confirmed they are affected by the Oracle E-Business hacks. These include Harvard University and Envoy, a subsidiary of American Airlines.