Imaging and optical technology giant Canon has confirmed being targeted in the recent Oracle E-Business Suite (EBS) hacking campaign.
However, its investigation has shown that the incident is limited to a subsidiary of Canon U.S.A., Inc., the company told SecurityWeek in an emailed statement.
“We have confirmed that the incident only affected the web server, and we have already taken security measures and resumed service,” Canon said. “In addition, we are continuing to investigate further to ensure that there is no other impact.”
While the cybercriminals have made public data allegedly stolen from many of the victims — terabytes of files in some cases — no Canon data has been leaked at the time of writing.
Canon was previously targeted in a ransomware attack back in 2020, when hackers stole employee information from the firm’s systems.
Other major companies that confirmed impact from the Oracle EBS hacking campaign in recent days include Cox Enterprises, which said the personal information of roughly 9,500 individuals was compromised, and Mazda, which found no evidence of data leakage.
More than 100 organizations have been named to date on the Cl0p ransomware website as alleged victims of the campaign. Nearly half of them are major companies in sectors such as IT and telecoms, heavy industry and manufacturing, healthcare and pharma, retail, automotive and transportation, media, and energy and utilities.
The United Kingdom’s National Health Service (NHS) is conducting an investigation, but it has yet to confirm a data breach.
The list of big companies that have yet to publicly confirm a data breach includes Michelin, Broadcom, and Bechtel.
Cl0p has been the public-facing group to take credit for the Oracle campaign, but an unknown cluster of a threat actor tracked as FIN11 is believed to be behind the attacks. FIN11 conducted similar campaigns targeting other widely used enterprise products in the past.
Organizations are typically not listed on the Cl0p website without cause, but the actual scope of the breach may be exaggerated by the threat actors.
Related: Logitech Confirms Data Breach Following Designation as Oracle Hack Victim
Related: CISA Confirms Exploitation of Latest Oracle EBS Vulnerability
Related: Sophisticated Malware Deployed in Oracle EBS Zero-Day Attacks
