A former Washington Post employee filed a class-action lawsuit after a data breach exposed personal information of 9,720 current and former employees and contractors. The breach resulted from exploitation of a critical zero-day vulnerability (CVE-2025-61882) in Oracle E-Business Suite by the Cl0p ransomware group. The lawsuit claims inadequate cybersecurity measures, with the attacker accessing data between July and August 2025. The Post has applied Oracle's fixes and is offering identity protection services to victims. Nearly 100 companies have been affected by this Oracle EBS vulnerability campaign.
Sort: