NEW YORK, October 9, 2025 – Google said dozens of organizations were compromised in a hacking campaign targeting Oracle’s (ORCL.N) enterprise software, with mass customer data stolen.
The breach raises concerns about enterprise security vulnerabilities that could expose companies to regulatory penalties and business disruption costs.
- Hackers targeted Oracle’s E-Business Suite applications
- Mass amounts of customer data reportedly stolen
- Clop ransomware group likely behind attacks
Market Context and Impact
Oracle shares have declined approximately 2% over the past week as the security incident emerged 1. The attack highlights growing cybersecurity risks facing enterprise software providers, with companies like Microsoft (MSFT.O) and Salesforce (CRM.N) also facing increased scrutiny over data protection measures.
Oracle’s E-Business Suite serves as critical infrastructure for many Fortune 500 companies, managing customer relationships, supplier networks, and financial operations across industries.
Attack Details
Google’s Mandiant cybersecurity unit said the hackers exploited vulnerabilities in Oracle’s E-Business Suite applications 2. The campaign appears to be linked to the Clop ransomware group, though Google noted other threat actors may be involved.
“In some cases, the threat actor successfully exfiltrated a significant amount of data from impacted organizations,” Google stated in its blog post 6. The company described the hacking campaign as “high volume” but did not specify exact victim counts.
Corporate Response
Oracle previously acknowledged that hackers were attempting to extort its customers but did not immediately respond to requests about the total number of affected clients 8. At least one company has confirmed that data from their Oracle systems was stolen, according to sources familiar with the matter 7.
The attacks represent a shift toward targeting enterprise software platforms rather than individual companies, potentially amplifying the scale and impact of data breaches across multiple organizations simultaneously.
Industry Implications
The incident underscores mounting pressure on enterprise software vendors to strengthen security measures as cybercriminals increasingly target cloud-based business applications. Companies using Oracle’s E-Business Suite may face compliance reviews and potential customer notification requirements depending on the nature of compromised data.
Cybersecurity experts warn that such supply chain attacks could become more frequent as hackers recognize the efficiency of targeting widely-used enterprise platforms to access multiple victims through a single breach point.
Not investment advice. For informational purposes only.
References
1Reuters (October 9, 2025). “Google says ‘dozens of organizations’ affected by Oracle-linked hacking campaign”. Reuters. Retrieved October 9, 2025.
2CyberScoop (October 9, 2025). “Dozens of Oracle customers impacted by Clop data theft for extortion”. CyberScoop. Retrieved October 9, 2025.
3Economic Times (October 9, 2025). “Google says ‘dozens of organisations’ affected by Oracle-linked hacking campaign”. Economic Times. Retrieved October 9, 2025.
4US News (October 9, 2025). “Google Says ‘Dozens of Organizations’ Affected by Oracle-Linked Hacking Campaign”. US News. Retrieved October 9, 2025.
5Global Banking & Finance (October 9, 2025). “Google says ‘dozens of organizations’ affected by Oracle-linked hacking campaign”. Global Banking & Finance. Retrieved October 9, 2025.
6Breaking The News (October 9, 2025). “Google says numerous firms hit by Oracle-linked hacking”. Breaking The News. Retrieved October 9, 2025.
7Bloomberg (October 2, 2025). “Oracle Apps Exploited by Hackers in New Extortion Campaign”. Bloomberg. Retrieved October 9, 2025.
8Reuters (October 3, 2025). “Oracle says hackers are trying to extort its customers”. Reuters. Retrieved October 9, 2025.
9Yahoo Finance (October 2, 2025). “Oracle Apps Exploited by Hackers in New Extortion Campaign”. Yahoo Finance. Retrieved October 9, 2025.