The Cl0p extortion group has claimed responsibility for a zero-day campaign against Oracle E-Business Suite (EBS) customers that exfiltrated data for extortion, with cybersecurity experts saying the operation may be driven by actors including FIN11. More than 100 alleged victims across industries were listed on Cl0p’s leak site — with large archives (e.g., ~2TB for Broadcom, ~870GB for Estée Lauder) published as torrents — yet some major companies such as Broadcom, Bechtel, EsteeLauder, and Abbott have not publicly commented on the incident. #Cl0p #FIN11 #OracleEBS #Broadcom #EsteeLauder
Keypoints
- Cl0p claimed a zero-day campaign targeting Oracle E-Business Suite to steal data for extortion.
- Cybersecurity researchers believe the operation may involve multiple actors, notably FIN11.
- Over 100 alleged victims were listed across sectors, with torrent links to large archive files.
- Several major firms (Broadcom, Bechtel, Estée Lauder, Abbott) have not issued public statements.
- Companies may delay or avoid disclosure due to legal, regulatory, or reputational concerns and investigations can take months.