Cox Enterprises Hit by Oracle Data Breach - but It Won't Name Who Carried Out the Attack
Companies Mentioned
Why It Matters
The incident underscores the systemic risk of Oracle’s widely used ERP platform and highlights the ongoing threat posed by ransomware groups like Cl0p, prompting enterprises to accelerate patch management and bolster data‑security safeguards.
Summary
Cox Enterprises disclosed that a zero‑day vulnerability in Oracle’s E‑Business Suite was exploited in August 2025, compromising the personal data of 9,479 individuals. The breach was detected in late September, and an investigation concluded on October 31, confirming that full names and other personal details were stolen, with the data later posted on the Cl0p ransomware group’s leak site. Cox applied Oracle’s security patch, engaged cybersecurity experts, and notified law enforcement, while offering up to 24 months of free credit‑monitoring and identity‑theft protection to affected persons.
Cox Enterprises hit by Oracle data breach - but it won't name who carried out the attack
Comments
Want to join the conversation?
Loading comments...