Cox Confirms Security Incident

Cox Communications, a prominent U.S. internet and cable television provider, has confirmed a security incident impacting its Oracle E-Business Suite (EBS) environment. The company stated it became aware of the breach on October 3, when an unauthorized party gained access to a limited number of its hosted Oracle EBS servers. According to Cox, the incident resulted in the exfiltration of certain data from the compromised systems. The company has clarified that the breach did not affect its core network or the majority of its systems. Cox is currently working with law enforcement and has begun notifying the individuals affected by the data exfiltration.

Cybercriminals Take Credit and Post Victim List

A group of threat actors, referring to themselves as the “Oracle E-Business Suite hack team,” has claimed responsibility for the attack. On a Tor-based website, the group published a list containing the names of more than 100 companies they allege are victims of their campaign. This list includes organizations from various sectors and countries, such as American Axle & Manufacturing, Jordan Aviation, and the UK’s NEC Software Solutions. However, when contacted, NEC Software Solutions denied being impacted by the threat actors. The cybercriminal group claims to have exploited a zero-day vulnerability in Oracle EBS, offering to sell the stolen data and, for a fee, provide victims with information on how to fix the vulnerability. Oracle has not issued a comment on the group’s zero-day claims. Security experts have noted that the attackers may be leveraging known, unpatched vulnerabilities, such as CVE-2022-21587, rather than an unknown flaw.