GlobalLogic, a digital engineering company owned by Hitachi, has revealed that personal data from over 10,000 current and former employees was compromised in a series of cyberattacks linked to the Clop ransomware group. In a filing with Maine's attorney general, GlobalLogic confirmed that 10,471 individuals were affected, with stolen data including names, addresses, Social Security numbers, passport information, and bank account details. The attacks exploited vulnerabilities in Oracle’s E-Business Suite (EBS), specifically flaws tracked as CVE-2025-61882 and CVE-2025-61884. The unauthorized access to GlobalLogic’s systems began on July 10, 2025, and the last known activity occurred on August 20, 2025. These dates coincide with reports from Google Threat Intelligence Group and Mandiant, indicating that suspicious traffic targeting Oracle EBS servers started in early July. This incident adds GlobalLogic to a growing list of victims, including The Washington Post and Allianz UK, which have also reported breaches linked to the same exploit. Clop has publicly listed nearly 30 organizations impacted by their campaign, which spans various sectors such as healthcare, finance, and media. Oracle released emergency patches for these vulnerabilities in September, but many organizations were likely compromised before those updates were available. Clop's strategy focuses less on encrypting data and more on theft and extortion, often posting stolen files on dark web sites to pressure victims into compliance. The ongoing nature of this campaign and the continued expansion of Clop's leak site indicates that the threat is still active, with significant implications for organizations relying on Oracle’s EBS platform, which has been a staple in corporate environments for over two decades.