Overview
- Logitech disclosed in a Form 8-K that data was exfiltrated in a recent cybersecurity incident.
- The company says attackers used a third‑party zero‑day vulnerability that has since been patched by the software vendor.
- Researchers have tied the broader campaign to an Oracle E‑Business Suite flaw tracked as CVE‑2025‑61882 used by Clop in data‑theft operations.
- Clop has listed Logitech on its leak site and claims to have published about 1.8 terabytes of allegedly stolen data.
- Logitech reports no impact to products, operations or manufacturing, believes sensitive IDs or payment data were not in the affected systems, and has engaged external cybersecurity firms to investigate.