Overview
- Envoy Air said its Oracle E‑Business Suite application was compromised in recent days, with law enforcement notified and an investigation underway.
- According to the airline, no sensitive or customer data was affected, though limited business information and commercial contact details may have been exposed.
- The company said the incident did not touch any American Airlines IT environments and did not affect flights or airport ground operations.
- CL0P added American Airlines to its leak site and is publishing data it claims was taken from Envoy as part of the ongoing extortion campaign.
- Oracle issued emergency fixes for E‑Business Suite flaws CVE‑2025‑61882 and CVE‑2025‑61884 as researchers reported months of activity and likely dozens of affected organizations.