Google announced on Thursday that over 100 companies may have been impacted by a large-scale cyberattack targeting Oracle’s suite of business applications.
The early findings suggest potentially widespread consequences from the breach, which appears to have been both well-funded and highly organized.
According to Google, a subsidiary of Alphabet, “mass amounts of customer data” were stolen in the operation, which may have started as far back as three months ago.
In its internal communication, the company noted, “This level of investment suggests the threat actor(s) responsible for the initial intrusion likely dedicated significant resources to pre-attack research.”
Google, which operates one of the most advanced cybersecurity arms in the tech industry alongside its well-known consumer platforms like Search, Gmail, and YouTube, shared further details in a blog post.
The company attributed the campaign to CL0P — a cybercriminal group notorious for large-scale attacks on third-party software vendors and service providers.
Related story: Oracle Reports Hackers Targeting Customers with Extortion Attempts
Growing Concern Over Scope of the Breach
In a statement to Reuters, Google security analyst Austin Larsen revealed that “we are aware of dozens of victims, but we expect there are many more. Based on the scale of previous CL0P campaigns, it is likely there are over a hundred.”
The hackers reportedly targeted Oracle’s E-Business Suite, a widely used platform that enables companies to manage essential operations such as customer relations, supply chain, manufacturing, and logistics.
Oracle has yet to issue an official response to the latest claims. The company, however, previously acknowledged incidents of extortion aimed at its clients following the breach.
CL0P, on its part, has remained silent in recent days, though the group previously stated that it would soon be evident that Oracle had “bugged up their core product.”
Cybersecurity experts suggest that the depth of this attack highlights the growing sophistication of threat actors targeting enterprise-level software.
The use of pre-attack reconnaissance, as noted by Google, implies that the hackers had detailed knowledge of Oracle’s systems before the intrusion occurred.
While investigations are still in progress, analysts warn that the true scale of the data theft may not be fully known for weeks.
With both Google and Oracle facing questions about how such an extensive breach was possible, the incident underscores the increasing vulnerability of major business systems to coordinated cyber threats.
Read next: Google Becomes Founding Partner and Cloud Provider for LA28 Olympics