Google has warned that hackers are conducting an extortion email campaign targeting executives from various companies. These emails claim that the attackers have stolen sensitive data from the victims’ Oracle business applications.
According to Google, a group claiming affiliation with the cl0p ransomware gang has taken responsibility for the alleged data theft involving the Oracle E-Business Suite. The company described the operation as a high-volume email campaign, but declined to disclose specific details about the number of victims or the scope of the incident.
Google emphasized that it does not yet have enough evidence to confirm the authenticity of the hackers’ claims.
Attempts to obtain a comment from Oracle have gone unanswered.
Cynthia Kaiser, who heads the Ransomware Research Center at Halcyon, reported that her firm has observed ransom demands ranging from millions to tens of millions of dollars, with the largest reaching up to $50 million. While there is some uncertainty regarding a direct link to cl0p, Kaiser noted early indications that the attackers may be associated with the group.
“There’s so much overlap among these cybercriminal organizations, and copycat operations are common across the ecosystem,” Kaiser explained.
In an email statement to Reuters, the cl0p group responded that they were “not prepared to discuss details at this time.”
This incident underscores the growing cyber extortion threat facing corporate leaders and highlights the importance of strengthening email security and ransomware defenses across organizations.