The Washington Post suffered a data breach affecting nearly 10,000 employees due to a zero-day vulnerability in Oracle E-Business Suite exploited by the Clop ransomware group. Multiple organizations, including Harvard and American Airlines’ subsidiary, were also affected by the same security flaw. #OracleEBS #Clop #DataBreach #ZeroDayVulnerability
Keypoints
- The breach involved hacking into the Washington Post’s Oracle E-Business Suite software.
- The attackers exploited a previously unknown zero-day vulnerability tracked as CVE-2025-61884.
- Approximately 9,720 individuals’ personal and financial data were compromised.
- The Clop ransomware group has been linked to the attacks and extortion attempts.
- Other major organizations like Harvard and Envoy Air were also targeted using the same vulnerability.