Cybercriminals, likely the FIN11 threat group, have exploited vulnerabilities in Oracle E-Business Suite to steal data from major organizations including Schneider Electric and Emerson. The stolen information, amounting to terabytes, has been leaked on the Cl0p ransomware leak website, indicating severe security breaches. #FIN11 #Cl0p #OracleEBS #Emerson #SchneiderElectric
Keypoints
- Cybercriminals exploited Oracle E-Business Suite vulnerabilities to access organizationsβ data.
- Leaked data from Emerson and Schneider Electric amounts to terabytes on the Cl0p leak website.
- Major organizations like Harvard and American Airlines subsidiary have confirmed being impacted.
- The threat group behind the attack has previously targeted other enterprise file transfer products like Cleo and MOVEit.
- Security experts believe the leaked data most likely originates from Oracle environments.