Overview
- GlobalLogic said attackers accessed its Oracle platform from July 10 to August 20, identified exfiltration on October 9, and reported no impact to systems outside Oracle.
- The company’s notices list names, contact details, dates of birth, national identifiers such as Social Security numbers, passport data, salary information, and bank account and routing numbers.
- The Washington Post separately filed a November 12 notice reporting data theft affecting nearly 10,000 staff and contractors, with access between July 10 and August 22 and identity‑protection services offered to those with Social Security or tax IDs exposed.
- Oracle disclosed CVE‑2025‑61882 on October 4 and issued patches, while Mandiant says multiple Oracle EBS flaws were abused during a campaign first observed in early July.
- Clop has listed almost 30 alleged victims including Harvard, Envoy Air and Allianz UK, favors data‑leak extortion over encryption, and has made seven‑ and eight‑figure demands according to researchers; BleepingComputer notes GlobalLogic has not appeared on the leak site.