Canon confirmed its U.S. subsidiary was targeted in the Oracle E-Business Suite hacking campaign. The incident affected only a web server, and no Canon data has been leaked so far. Other companies, including Cox Enterprises and Mazda, also reported impacts from the same campaign.

The University of Phoenix reported a data breach affecting 3.5 million individuals, discovered in November 2025 after cybercriminals targeted its systems over the summer. Compromised data includes names, birth dates, Social Security numbers, and bank information, though no leaked data has surfaced publicly. Other universities were also affected by the same campaign.

Logitech has confirmed a data breach linked to the Clop extortion gang, which exploited a vulnerability in Oracle E-Business Suite. The stolen data may include limited employee and customer information, but sensitive data like credit card details was not compromised. This breach follows a trend of similar attacks targeting organizations through zero-day vulnerabilities.

LKQ Corporation has confirmed a data breach affecting over 9,000 individuals due to a cyberattack targeting Oracle's E-Business Suite. The compromised information includes sensitive personal details like Social Security Numbers and Employer Identification Numbers. The company reported that several terabytes of data were stolen, and this incident follows a previous attack on LKQ last year.

Cox Enterprises disclosed a data breach affecting 9,479 individuals after hackers exploited a zero-day vulnerability in Oracle E-Business Suite. The breach occurred in August, but the company only detected it in late September. Cl0p ransomware has claimed responsibility for the attack.

Logitech confirmed a data breach after being named a victim in the Cl0p ransomware attack related to Oracle's EBS vulnerabilities. The breach may involve limited employee and consumer data, but the company asserts that sensitive information like credit card details was not affected. Logitech does not expect significant financial repercussions from this incident.

Oracle has informed clients of a second cybersecurity breach in which a hacker stole old client log-in credentials from its systems. The stolen data, which includes credentials from as recently as 2024, is being investigated by the FBI and cybersecurity firm CrowdStrike, with the company assuring clients that the compromised system has not been in use for eight years, minimizing the risk.

Clop ransomware group is targeting Oracle customers with extortion emails, demanding payments in exchange for not releasing stolen data. These emails are part of a broader trend of ransomware attacks aimed at various organizations, highlighting the ongoing threat of cyber extortion in the corporate sector.