The Washington Post confirmed it's among the victims of an ongoing cyberattack by the notorious Clop ransomware gang, which has been exploiting vulnerabilities in Oracle's business software to steal data from over 100 companies. The breach marks another high-profile casualty in what security experts are calling one of the most significant enterprise software attacks of the year.
The Washington Post just became the latest household name caught in a sweeping cyberattack that's been quietly devastating corporate America for months. The newspaper confirmed Friday it was breached through vulnerabilities in Oracle's E-Business Suite software, joining an ever-growing list of victims in what's shaping up as one of the most damaging enterprise hacks of 2025.
The confirmation came after Reuters first reported the Post's statement acknowledging the breach. But the real story isn't just another data theft - it's how the notorious Clop ransomware gang has turned Oracle's widely-used business platform into a goldmine for corporate extortion.
The campaign started in late September when executives across different industries began receiving threatening emails from addresses linked to Clop, claiming the hackers had "stolen large amounts of sensitive internal business data and employees' personal information." What made these threats credible was the hackers' ability to prove they'd actually penetrated Oracle systems that companies rely on for everything from payroll to customer records.
Google's threat intelligence team revealed last month that Clop had been systematically exploiting multiple vulnerabilities in Oracle's E-Business Suite to steal customer business data and employee records from more than 100 companies. The scale became clear when anti-ransomware firm Halcyon told TechCrunch that hackers demanded one executive pay $50 million in ransom - a figure that suggests they'd accessed truly sensitive corporate data.
On Thursday, Clop escalated by publicly naming the Washington Post on its dark web site, using language the gang typically reserves for victims who refuse to pay. "The company ignored their security," the hackers wrote - a familiar taunt that usually signals failed ransom negotiations. It's a pressure tactic that's proven effective: publicizing stolen files often forces companies into paying rather than risk further exposure.
Oracle has been notably tight-lipped throughout the crisis. When TechCrunch reached Oracle spokesperson Michael Egbert for comment, he simply referred to two previously published security advisories without answering specific questions about the ongoing breaches. The company's muted response stands in stark contrast to the escalating damage reports from affected organizations.
