Google Confirms Oracle Cyberattack Impacted Dozens of Global Organizations
Google reports a major Oracle software breach that hit dozens of global firms. Cl0p ransomware exploited a zero-day flaw, exposing sensitive corporate data.
Raja Awais Ali
10/9/20251 min read
Google Reveals: Dozens of Organizations Hit by Oracle Cyberattack
Washington / San Francisco — Google’s cybersecurity team has reported that a major cyberattack linked to Oracle software exploited a vulnerability in Oracle’s widely used E-Business Suite, compromising data from several global organizations. The breach took advantage of a zero-day flaw, identified as CVE-2025-61882, which allowed attackers to gain full system control of targeted enterprises.
Investigators believe the campaign may be linked to the Cl0p ransomware group, a collective known for large-scale data theft and extortion operations worldwide.
Oracle confirmed that some of its clients received extortion emails warning that their stolen data would be leaked unless ransom payments were made. The company stated that it has released security patches to address the issue and is working with law-enforcement agencies to identify those responsible.
Experts suggest the attack began in late September 2025, initiated through a large phishing campaign targeting executives with fake internal emails. Many organizations that failed to install Oracle’s July security update were particularly vulnerable.
The affected entities reportedly include major corporate and public-sector clients. Cybersecurity analysts warn that the breach demonstrates how even top-tier enterprise platforms can be exploited when updates are delayed.
“Even the most secure business systems can be compromised if organizations ignore patch cycles and rely on outdated defenses.”
Google said it had shared detailed indicators of compromise (IOCs) with affected clients and urged companies to immediately update systems, review access logs, and strengthen authentication protocols to prevent further breaches.
Oracle, meanwhile, assured users that the exploited vulnerability had been fixed in its most recent update but acknowledged that “some systems may still be exposed due to delayed patch adoption.”
This incident serves as a reminder that cybersecurity is an ongoing process, not a one-time investment. Experts advise companies to implement data encryption, endpoint monitoring, and secure backup systems to reduce risks from future attacks.
While the total amount of data stolen has yet to be disclosed, analysts describe this as one of 2025’s most serious corporate cyber incidents, raising questions about global IT preparedness against evolving digital threats.