Overview
- In filings and notification letters, the Hitachi-owned firm said personal data taken included names, addresses, Social Security numbers, passport details, salary information, and bank account data.
- The investigation found threat activity from July 10 to August 20, with access to Oracle and data exfiltration detected on October 9.
- Security researchers tie the case to Clop’s exploitation of Oracle E‑Business Suite vulnerabilities, including CVE-2025-61882, with Oracle issuing a security advisory and patch on October 4.
- Clop’s leak site has listed nearly 30 alleged victims across sectors, with confirmations from organizations such as The Washington Post, Allianz UK, and Envoy Air.
- GlobalLogic has not appeared on Clop’s leak site, which BleepingComputer notes can indicate ongoing negotiations, and the company says the impact was confined to its Oracle platform with patches and mitigations applied.