Washington Post confirms data breach linked to Oracle hacks

The Washington Post has said that it was one of the victims of a hacking campaign tied to Oracle’s suite of corporate software apps.  

Reuters first reported the news on Friday, citing a statement from the newspaper that said it was affected “by the breach of the Oracle E-Business Suite platform.” 

A spokesperson for the Post did not immediately respond to TechCrunch’s request for comment 

When reached by email, Oracle spokesperson Michael Egbert referred TechCrunch to its two advisories that it previously posted, and did not answer our questions. 

Last month, Google said that the ransomware gang Clop was targeting companies after exploiting multiple vulnerabilities in Oracle’s E-Business Suite software, which companies use for their business operations, storing their human resources files, and other sensitive data.

The exploits allowed the hackers to steal their customer’s business data and employee records from more than 100 companies, per Google.

The hackers’ campaign began in late September when corporate executives reported receiving extortion messages sent from email addresses previously associated with the Clop gang, claiming that the hackers had stolen large amounts of sensitive internal business data and employees’ personal information from hacked Oracle systems. 

Anti-ransomware firm Halcyon told TechCrunch at the time that the hackers demanded one executive at an affected company to pay $50 million in a ransom payment. 

On Thursday, Clop claimed on its website that it had hacked The Washington Post, claiming that the company “ignored their security,” language that the Clop gang typically uses when the victim does not pay the hackers. 

It’s not uncommon for ransomware or extortion gangs like Clop to publicize the names and stolen files of their victims as a pressure tactic, which can suggest that the victim has not negotiated a payment with the gang, or the negotiation broke down. 

Several other organizations have confirmed they are affected by the Oracle E-Business hacks, including Harvard University and American Airlines subsidiary Envoy.