Clop Ransomware
-
Korean Air says employee data exposed after supplier hack
Korean Air said an internal notice that employee names and bank account numbers in its ERP were compromised after a hack of its supplier KC&D. Local reporting put the number of exfiltrated records at about 30,000.
-
University of Phoenix discloses data breach after Oracle E-Business Suite exploit
The University of Phoenix disclosed a data breach after attackers exploited a zero-day flaw in Oracle E-Business Suite, saying personal and financial records for students, staff and suppliers were accessed; the parent company filed an 8-K and affected individuals will be notified by mail.
-
Dartmouth College confirms data breach after Clop posts Oracle EBS data
Dartmouth College said files taken from its Oracle E-Business Suite servers were posted by the Clop extortion group. A Maine filing identified 1,494 individuals whose records included names and Social Security numbers, and an appendix said financial account data was also taken. The college has not yet filed a New Hampshire notice and has not…
-
Harvard discloses Alumni Affairs data breach after voice phishing attack
Harvard said systems used by its Alumni Affairs and Development office were accessed in a phone-based phishing attack discovered on Nov. 18, 2025, exposing contact and fundraising-related information for alumni, donors, students and staff; the university said no Social Security numbers, passwords, payment card or other financial data were in the compromised systems.
-
Washington Post breach exposes personal data of nearly 10,000 workers
The Washington Post notified 9,720 employees and contractors that their personal and financial information was exposed after attackers exploited a zero-day in Oracle E-Business Suite; the flaw (CVE-2025-61884) has been linked to the Clop group and other major organisations were also affected.
-
Iranian Ransomware Crew Resurfaces with Increased Threats to US and Israel
An Iranian ransomware operation, Pay2Key.I2P, has reemerged after five years, targeting U.S. and Israeli organizations with lucrative offers for cybercriminals. This resurgence poses a significant threat amid escalating geopolitical tensions.
-
Ingram Micro Confirms Ransomware Attack Amid Ongoing IT Outage
Ingram Micro is facing a significant cybersecurity crisis due to a ransomware attack that has resulted in a multi-day IT outage, seriously disrupting services for customers and partners globally. The company is working with cybersecurity experts to manage the breach and restore operations.
-
SatanLock Ransomware Group Announces Shutdown, Plans Data Leak
The SatanLock ransomware group has announced its shutdown, stating it will leak all stolen data, raising concerns about the implications for the victims and the broader cybercrime landscape.
-
Swiss Government Confirms Data Theft in Ransomware Attack on Radix
The Swiss government has confirmed that a ransomware attack on the nonprofit organization Radix has compromised sensitive data from various federal offices, with the leaked information now available on the dark web.
-
Ransomware Attacks on Hospitals: A Growing Threat to Patient Lives
Recent ransomware attacks on hospitals in the UK and Germany have underscored the deadly risks posed by cybercrime, transforming once-mundane data breaches into life-threatening incidents. With victims requiring urgent medical care unable to receive timely treatment, healthcare institutions are being pushed to reassess their cybersecurity measures as the stakes have never been higher.
