Tech giant Google has revealed that more than 100 companies worldwide may have been affected by a massive cyberattack targeting Oracle’s suite of business products, raising alarms across the corporate technology ecosystem.
A Large-Scale Breach with Global Reach
In its early assessment, Google — a subsidiary of Alphabet Inc. (GOOGL.O) — said the attackers stole “mass amounts of customer data” in an operation that may have begun as early as three months ago.
“This level of preparation indicates that the threat actors carried out deep pre-attack research,”
Google’s internal security brief noted.
Experts say the breach exposes global supply-chain vulnerabilities.
Indian cyber expert Prof. Triveni Singh calls it “a wake-up call for enterprise security.”
FCRF Launches CCLP Program to Train India’s Next Generation of Cyber Law Practitioners
CL0P Ransomware Group Under Suspicion
Google believes the CL0P hacking group — a known cybercrime syndicate with a history of exploiting enterprise software — is behind the attack.
CL0P previously carried out the MOVEit Transfer breach, which hit hundreds of organizations globally.
Austin Larsen, a cybersecurity analyst at Google, told Reuters:
“We currently know of dozens of victims, but based on CL0P’s previous campaigns, the number could easily exceed 100. This could be one of the largest corporate breaches of 2025.”
Oracle’s Core Business Applications Targeted
The hackers reportedly exploited vulnerabilities in Oracle’s E-Business Suite, which many companies use to manage customers, logistics, manufacturing, and supply-chain operations.
Experts warn that an attack on such critical systems could disrupt global corporate workflows.
Oracle has not issued a fresh statement but earlier acknowledged extortion activity targeting some of its clients.
Potential Ripple Effect in Asia and India
Security analysts say the breach could have far-reaching consequences in Asia, particularly India, where thousands of companies rely on Oracle’s ERP and cloud platforms.
If hackers accessed connected partner networks, it could expose sensitive business data, trade secrets, and financial transactions — potentially making this one of the most damaging supply-chain breaches in recent years.
Expert Insight: Professor. Triveni Singh (Ex-IPS, Cyber Crime Expert )
“This attack clearly shows how cybercriminals are evolving,”
said Prof. Triveni Singh, a former IPS officer and one of India’s foremost cybercrime experts.
“Hackers are no longer targeting companies directly; they’re going after software providers that control entire ecosystems. This is a direct strike at the weakest link of supply-chain security.”
He added:
“In countries like India, this must be treated as a wake-up call. The government and private sector both need to move from a reactive to a proactive cyber defense model, build stronger threat intelligence networks, and reduce over-reliance on foreign vendors.”
Prof. Singh warned that such attacks often have dual objectives — espionage and extortion — and their long-term impact can be far greater than immediate data theft.
Ongoing Investigation
Google and U.S. cyber agencies are currently investigating the full scope of the breach.
Experts caution that if CL0P established persistent backdoor access, the attack may represent a long-term espionage campaign rather than a one-time data theft.
As one senior analyst noted,
“This may not just be about ransom — it’s about infiltration, surveillance, and control of enterprise systems at a global scale.”
