Oracle warns EBS customers of extortion tied to software vulnerabilities

Oracle confirms hackers are using old flaws to extort E-Business Suite customers

By Quratulain | October 03, 2025

Tech giant Oracle has confirmed that hackers who gained access to the E-Business Suite (EBS) used by its customers are sending those customers extortion emails.

The company stated that its investigations indicated the use of previously known vulnerabilities, which were resolved in a security update published in July 2025.

Oracle followed up with a public statement strongly recommending that all EBS customers apply the latest Critical Patch Updates as soon as possible to secure their systems.

E-Business Suite is a set of applications that large organisations use to support primary operations such as finance, supply chain, and human resources.

Google's cybersecurity researchers have associated the extortion campaign with Cl0p, a well-known ransomware-as-a-service organisation.

Security researchers have long linked Cl0p with Russian-speaking cybercriminals. The group also hires out its hacking tools to other criminals, and the proceeds are shared.

According to the cybersecurity firm Halcyon, the extortion demands are high, ranging from millions to tens of millions of dollars, with one demand reportedly as high as 50 million dollars. To pressure companies into paying, the hackers have been showing victims proof of their breaches, including screenshots and file directories.

Oracle has not reported how many clients are affected, but Google has described the hacking campaign as high-volume. The situation also underscores the importance of applying software patches, since threat actors are actively exploiting most of the known vulnerabilities in common and popular business software, counting on most organisations putting off necessary updates.