Washington Post Hit by Oracle Breach, Nearly 10,000 Employee Records Stolen

Hackers breached The Washington Post, stealing data of 10,000 employees; Clop demands ransom, threatening to leak info.

By Content Team

Nov 13, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

The Washington Post confirmed hackers stole personal data from nearly 10,000 current and former employees and contractors through a breach of its Oracle system. The Clop ransomware group exploited a zero-day vulnerability in Oracle E-Business Suite between July 10 and August 22, accessing names, Social Security numbers, and bank account details.

Clop contacted the newspaper on September 29 demanding ransom, with some victims facing demands up to $50 million. The Washington Post joins dozens of Oracle customers targeted in this campaign, including Envoy Air and GlobalLogic. Oracle patched the vulnerability in October, but Clop has threatened to leak stolen data from nearly 30 organizations unless paid.

Source: CyberScoop

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Microsoft Patches Actively Exploited Office Zero-Day Vulnerability

Jan 27, 2026

TriZetto Provider Solutions Breach Hits 3.4 Million Patients

Mar 11, 2026

PSNI Officers' Names Appear Again on Court Website After 2023 Data Breach

Feb 12, 2026

Hackers Target BeyondTrust Flaw Within Hours of Exploit Code Release

Feb 13, 2026