Oracle Extortion Case: $50M Demand From ‘Notorious’ Hacking Group

We may earn from vendors via affiliate links or sponsorships. This might affect product placement on our site, but not the content of our reviews. See our Terms of Use for details.

A recent incident involving Oracle’s E-Business Suite has led to extortion attempts against executives at multiple large organizations that use the software. While the exact date of the initial breach is unclear, ransom demands began arriving on Sept. 29, 2025.

The attackers, linked to the gang Cl0p (also known as Clop), have already claimed responsibility for the attack. In one reported case, the attackers demanded as much as $50 million, according to cybersecurity firm Halcyon, which is helping to investigate the campaign.

Understanding how it happened

Halcyon reports that Cl0p is attempting to pressure victims by proving its access to corporate systems.

“We have seen Cl0p demand huge seven- and eight-figure ransoms in the ...