Cox Enterprises experienced a data breach resulting from a zero-day exploit in Oracle E-Business Suite, leading to the exposure of personal data for thousands of individuals. The breach was linked to Cl0p ransomware group, which has a history of exploiting unknown vulnerabilities in widely used software. #CVE-2025-61882 #Cl0p
Keypoints
- Cox Enterprises was compromised through a zero-day vulnerability in Oracle E-Business Suite.
- The breach occurred between August 9-14, 2025, but was detected in late September.
- Cl0p ransomware is credited with exploiting the CVE-2025-61882 vulnerability prior to Oracle releasing a patch.
- Multiple large organizations have been affected by Cl0p exploits, including Logitech and Harvard University.
- Cox has offered free identity theft protection and credit monitoring to impacted individuals.