GlobalLogic, a supplier of digital engineering providers a part of the Hitachi group, is notifying over 10,000 present and former workers that their knowledge was stolen in an Oracle E-Enterprise Suite (EBS) data breach.
Based mostly in Santa Clara, California, this software program and product improvement providers firm was based in 2000. Since then, it has expanded to 59 product engineering facilities and several other places of work worldwide.
In a breach notification letter filed with the workplace of Maine’s Lawyer Basic, the corporate states that the attackers exploited an Oracle EBS zero-day vulnerability to steal private info belonging to 10,471 workers.
“GlobalLogic’s investigation recognized entry to Oracle and exfiltration on October 9, 2025. We then started drafting and sending out notifications. The investigation has recognized the earliest date of risk actor exercise as July 10, 2025, with the latest exercise occurring on August 20, 2025,” it stated.
“This incident didn’t goal or affect GlobalLogic’s programs exterior our Oracle platform, and, primarily based on trade studies, we’re considered one of many Oracle prospects believed to have been impacted. The private info concerned on this incident was from our Oracle platform, which incorporates HR info for present and former personnel.”
The information stolen within the breach contains private info collected by GlobalLogic’s human sources and, relying on the affected person, it contains title, tackle, cellphone quantity, and emergency contact (title and cellphone quantity).
The attackers additionally exfiltrated the e-mail addresses, dates of delivery, nationalities, nations of delivery, passport info, nationwide identifiers or tax identifiers (e.g., Social Safety Numbers), wage info, and checking account particulars of impacted workers.
Clop’s Oracle EBS knowledge theft assaults
Whereas GlobalLogic has but to attribute the breach to a selected risk group, the incident’s particulars align with an extortion marketing campaign wherein the Clop ransomware gang exploited a zero-day flaw (CVE-2025-61882) since early August to steal delicate knowledge from many corporations’ Oracle EBS programs.
Though Clop has but to reveal the entire variety of corporations affected by these knowledge theft assaults, Google Menace Intelligence Group chief analyst John Hultquist has informed BleepingComputer that they consider dozens of organizations have been impacted.
The extortion gang is now additionally focusing on Harvard College, Envoy Air, and The Washington Publish, who’ve all been added to the cybercrime group’s Tor leak web site. Their knowledge has additionally been leaked on-line and is now obtainable for obtain through Torrent.
Clop has but so as to add GlobalLogic to its leak web site, which means that the corporate remains to be negotiating with the risk group or has already paid a ransom.
A GlobalLogic spokesperson was not instantly obtainable for remark when contacted by BleepingComputer earlier right now.
Clop has been beforehand linked to different knowledge theft campaigns focusing on Accellion FTA, GoAnywhere MFT, Cleo, and MOVEit Switch, the latter of which has impacted over 2,770 organizations worldwide.
The U.S. State Division now affords a $10 million bounty for info that hyperlinks the ransomware gang’s assaults to a international authorities.
It is finances season! Over 300 CISOs and security leaders have shared how they’re planning, spending, and prioritizing for the 12 months forward. This report compiles their insights, permitting readers to benchmark methods, establish rising tendencies, and evaluate their priorities as they head into 2026.
Find out how prime leaders are turning funding into measurable affect.
