Logitech disclosed a cybersecurity incident in an SEC filing Friday after being named as a victim in the Cl0p ransomware group's Oracle E-Business Suite hacking campaign. The consumer electronics company said hackers exploited a zero-day vulnerability in third-party software to steal employee, consumer, customer, and supplier data.
Logitech emphasized that no sensitive personal information like Social Security numbers or credit card details were compromised, and business operations remain unaffected. The Cl0p group leaked 1.8 TB of alleged Logitech data in early November.
Over 50 companies have been targeted in this Oracle EBS campaign, including The Washington Post, Harvard University, and American Airlines subsidiary Envoy Air. Security experts link the attacks to the FIN11 threat actor group.
Source: SecurityWeek