PC Mag reports:
The Washington Post has confirmed it fell victim to a large-scale cybercrime campaign that targeted Oracle’s business applications, joining Harvard University and American Airlines-owned carrier Envoy, which announced similar breaches last month.
The news, first reported by Reuters, comes after Google said in October that it believes around 100 companies were affected by the hacking campaign, and that “large amounts of customer data” were stolen in an operation it said may have begun in July. Google said that it involved hackers taking advantage of a vulnerability in Oracle’s E-Business Suite platform, a widely adopted piece of ERP software which businesses use to manage their operations.
Oracle said in a security notice that several of its customers have faced extortion attempts in relation to the attack. The Post didn’t provide much detail regarding the nature of the recent breach, such as what, if any, data had been lost. According to Google’s researchers, Oracle patched the vulnerability in early October and directed all the product’s users to update their software immediately.
Read more at PC Mag.
