Cl0p ransomware has leaked 241 GB of data from the NHS and also breached The Washington Post, exposing personal information of nearly 10,000 users. The attacks exploit critical vulnerabilities in Oracle's E-Business Suite, which have been previously flagged by NHS cybersecurity alerts. Experts warn that many systems remain vulnerable despite patches released by Oracle.

Barts Health NHS Trust confirmed that the Cl0p ransomware group stole files from its invoice database, exposing sensitive information like patient names and addresses. The breach, which went undetected for months, highlights ongoing vulnerabilities in NHS cybersecurity, despite clinical records remaining safe.

Nearly 30 organizations, including major companies like Logitech and The Washington Post, have been named as victims of a recent Oracle E-Business Suite hack linked to the Cl0p ransomware group. The attackers have leaked data from 18 of these victims, with indications that vulnerabilities exploited may have been known prior to the attack.