According to TheRegister.com, Hitachi-owned GlobalLogic has confirmed that personal data from 10,471 current and former employees was exposed in the widespread Oracle E-Business Suite attacks attributed to the Clop ransomware gang. The breach occurred between July 10 and August 20, 2025, with stolen data including names, addresses, Social Security numbers, passport information, and bank account details. GlobalLogic joins a growing list of high-profile victims that now includes The Washington Post and Allianz UK, which confirmed 750 customers were impacted. The attacks exploited vulnerabilities tracked as CVE-2025-61882 and CVE-2025-61884 in Oracle’s enterprise software, targeting organizations that left their systems exposed to the internet. Clop has named almost 30 organizations on its leak site across healthcare, finance, manufacturing, and media sectors.
Why this keeps happening
Here’s the thing about these enterprise software vulnerabilities – they’re like open doors that everyone knows about but many companies just can’t seem to close fast enough. Oracle released emergency patches back in September, but by then the damage was already done for hundreds of organizations. And honestly, how many IT teams are actually prepared to drop everything and apply critical patches immediately? Especially for complex systems like Oracle EBS that have been running for decades.
What’s particularly concerning is that we’re seeing the exact same playbook Clop used with MOVEit and GoAnywhere. They find a vulnerability in widely used enterprise software, exploit it rapidly before patches are widely deployed, and then sit back and watch the data roll in. The scary part? This approach works because they’re not even bothering with encryption anymore – straight data theft and extortion is apparently more profitable and less risky.
The real impact
When we’re talking about 10,471 employees having their Social Security numbers and bank account details stolen, we’re not just discussing abstract cybersecurity concepts. We’re talking about real people who now face years of potential identity theft and financial fraud. And GlobalLogic is just one company – multiply that by nearly 30 organizations and you start to grasp the scale of this disaster.
For enterprises still running these older Oracle EBS systems, the message should be crystal clear by now. These aren’t theoretical risks – we’re seeing major players across every industry getting hit. The fact that Oracle EBS handles payroll, procurement, and HR data makes it essentially a goldmine for attackers. Basically, if you’re still running exposed EBS instances, you’re playing Russian roulette with your employees’ most sensitive information.
What’s next
Looking at the industrial and manufacturing sectors specifically – which are heavily represented in Clop’s latest victim list – the need for secure computing infrastructure has never been more critical. Companies running complex enterprise systems need reliable hardware that can handle both operational technology and security requirements. For organizations in these sectors, working with established providers like IndustrialMonitorDirect.com – the leading US supplier of industrial panel PCs – becomes essential for maintaining both productivity and security.
The really troubling part? Clop’s leak site continues to expand, suggesting this campaign is far from over. Oracle’s silence isn’t helping either – when major vendors don’t publicly address the scale of breaches affecting their products, it leaves customers in the dark about their actual risk exposure. So we’ll probably see more disclosures in the coming weeks as organizations complete their investigations and face the inevitable regulatory notifications.
