Insurance Journalยท2025-10-06 05:05Core Insights - A notorious ransomware group, allegedly linked to Cl0p, is extorting large organizations by claiming to have stolen data from Oracle's E-Business Suite applications [1][2][4] Group Activities - The extortion emails began circulating on or before September 29, sent from hundreds of compromised third-party accounts, claiming data theft [2][4] - The emails exhibit poor English and grammar, typical of the group, and include contact details listed on Cl0p's website [3][4] Company Impact - Oracle's E-Business Suite is critical for core business operations, including financial, supply chain, and customer relationship management [2] - Cl0p has a history of targeting large companies with sophisticated malware, previously exploiting vulnerabilities in MOVEit, affecting hundreds of organizations [5] Cybersecurity Context - In June 2023, the US Cybersecurity and Infrastructure Security Agency labeled Cl0p as one of the largest phishing and malspam distributors, estimating over 3,000 organizations compromised in the US and 8,000 globally [6]