Subj : The Washington Post confirms it suffered an Oracle-linked data br To : All From : TechnologyDaily Date : Mon Nov 10 2025 14:30:09 The Washington Post confirms it suffered an Oracle-linked data breach Date: Mon, 10 Nov 2025 14:19:51 +0000 Description: The Post joins Harvard University, Schneider Electric, and others in being struck by Cl0p and FIN11. FULL STORY ======================================================================Cl0p ransomware gang leaked Post data after alleged refusal to pay ransom Oracle E-Business Suite zero-day exploited to breach over 100 companies, including The Washington Post Other victims include Harvard, Schneider Electric; law enforcement warns against ransom payments We can now add The Washington Post to the growing list of companies hacked via the apparent security issues with some Oracle business software. In early October 2025, news broke that hackers were mailing executives at various organizations across the United States , warning them that they stole their sensitive files through Oracle E-Business Suite systems, and demanding a ransom payment in exchange for deleting the stolen files. Subsequent investigations determined Oracles software carried a remote code execution (RCE) zero-day in versions 12.2.3-12.2.14. It was later also reported that the attacks were happening months before Oracle released a patch, and that dozens of companies were hit. Those dozens grew to more than a hundred. Two hacking collectives are being linked to this campaign - financially-motivated FIN11, and the infamous Cl0p ransomware gang. No evidence of abuse The Post has now issued a statement confirming it, too, fell prey to the attack. At the same time, Cl0p added The Washington Post to its data leak site, stating that the company ignored their security which, according to TechCrunch, means it decided not to pay the ransom demand. We dont know how much money Cl0p asked from the Post, but earlier reports claimed that one victim was asked for $50 million. News of Oracle-related hacks have been coming in for some time, with multiple other high-profile companies were confirmed to have been hit, including Harvard University, Schneider Electric, Pan American Steel, and Cox Enterprises. The full list of victims is not publicly available, and probably never will be. There is a good chance that some of the victims will pay the ransom demand and never be listed on Cl0ps data leak site. Law enforcement usually advises against paying the ransom demand, saying that it motivates the threat actors to mount even more attacks, and gives them the funds needed to continue operating. Via TechCrunch Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button! And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too. ====================================================================== Link to news story: https://www.techradar.com/pro/security/the-washington-post-confirms-it-suffere d-an-oracle-linked-data-breach --- Mystic BBS v1.12 A49 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .