Cox Enterprises disclosed a data breach stemming from a zero-day exploit (CVE-2025-61882) in Oracle E-Business Suite, discovered in late September 2024 after hackers breached its network in August. The Cl0p ransomware group claimed responsibility, exploiting the vulnerability before Oracle released a patch on October 5. While the company confirmed exposure of personal data, the specific types of compromised information (e.g., financial, employee, or customer records) were not disclosed. The delayed detection suggests prolonged unauthorized access, though the full scope of the leak—including whether sensitive data like SSNs, financial details, or proprietary business information was exfiltrated—remains unclear. The incident underscores the risks of third-party software vulnerabilities and the operational gaps in timely threat detection.
Cox Enterprises cybersecurity rating report: https://www.rankiteo.com/company/cox-enterprises
{
  "id": "COX1495114112425",
  "linkid": "cox-enterprises",
  "type": "Ransomware",
  "date": "9/2024",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization’s existence"
}
{'affected_entities': [{'customers_affected': 'None (no customer data '
                                              'compromised)',
                        'industry': 'Technology',
                        'location': 'Global (HQ: USA)',
                        'name': 'CrowdStrike',
                        'type': 'Cybersecurity Company'}],
 'attack_vector': 'Internal (Insider)',
 'customer_advisories': 'No customer data compromised',
 'data_breach': {'data_exfiltration': True,
                 'file_types_exposed': 'Screenshots',
                 'sensitivity_of_data': 'Moderate (internal systems)',
                 'type_of_data_compromised': 'Internal screenshots'},
 'description': 'CrowdStrike confirmed that an insider shared screenshots '
                'taken on internal systems. The company emphasized that its '
                'systems were not breached, and customers’ data was not '
                'compromised. The threat group responsible was not specified.',
 'impact': {'brand_reputation_impact': 'Potential reputational risk due to '
                                       'insider incident',
            'data_compromised': 'Internal screenshots (no customer data)'},
 'investigation_status': 'Confirmed (insider incident)',
 'post_incident_analysis': {'root_causes': 'Insider threat (unauthorized '
                                           'screenshot sharing)'},
 'references': [{'source': 'BleepingComputer'}],
 'response': {'communication_strategy': 'Public disclosure emphasizing no '
                                        'customer data compromise',
              'incident_response_plan_activated': True},
 'title': 'CrowdStrike Insider Threat Incident',
 'type': 'Insider Threat'}