"In a filing with Maine's attorney general, submitted on November 12, the Post details how the newspaper was contacted by a "bad actor" on September 29 who claimed to have breached its Oracle EBS environment. An internal investigation later confirmed the intruder's claims and tied the access to the previously unknown Oracle EBS vulnerability that cybercriminals have exploited across multiple organizations. The Clop ransomware gang has claimed responsibility for those attacks, posting dozens of alleged victims on its dark web leak site."
"According to the Post's notice, attackers accessed and exfiltrated data between July 10 and August 22. The newspaper determined on October 27 that the stolen information included names, bank account and routing numbers, Social Security numbers, and tax ID numbers belonging to current and former staff and contractors. Almost 10,000 people were ultimately notified, and affected individuals whose Social Security numbers or tax IDs were compromised have been offered complimentary identity-protection services."
"The notification letter states that the vulnerability "was unknown prior to this incident, has impacted many Oracle customers, and is not specific to the Post." The newspaper stresses that it moved quickly to lock down its environment once the intrusion was detected and applied Oracle's patches as soon as they became available. Oracle has said little publicly about the wave of mass exploitation that followed the discovery of the EBS flaw."
Nearly 10,000 employees and contractors had sensitive personal data stolen after attackers exploited a previously unknown Oracle E-Business Suite vulnerability. Attackers accessed and exfiltrated data between July 10 and August 22, with the intrusion confirmed after a bad actor contacted the organization on September 29. The stolen data included names, bank account and routing numbers, Social Security numbers, and tax ID numbers for current and former staff and contractors. Affected individuals whose Social Security numbers or tax IDs were compromised were offered complimentary identity-protection services. The organisation applied Oracle's patches promptly after detection, while Oracle released emergency fixes in late October but has not disclosed the full scope of affected customers.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]