• Home
  • cyber
  • Hypertherm and Oracle: Hypertherm Data Breach Exposes Names and Social Security Numbers
cyber Ransomware

Hypertherm and Oracle: Hypertherm Data Breach Exposes Names and Social Security Numbers

Feb 10, 2026 2 min read
Hypertherm and Oracle: Hypertherm Data Breach Exposes Names and Social Security Numbers

Hypertherm Discloses Data Breach Impacting U.S. Employees After Oracle EBS Exploit

Hypertherm, an employee-owned manufacturer of industrial cutting systems based in Hanover, New Hampshire, has reported a data breach exposing personal information due to a vulnerability in Oracle’s E-Business Suite (EBS) software. The incident was discovered on February 10, 2026, after an unauthorized actor exploited an unknown flaw in Oracle EBS to steal database tables from the company’s systems in August 2025.

The breach compromised names and Social Security numbers of affected individuals, though the total number of impacted U.S. residents remains undisclosed. Hypertherm began notifying victims via mail on March 13, 2026, filing reports with the Maine, New Hampshire, and Texas Attorneys General. To date, 334 Texas residents, 166 New Hampshire residents, and 31 Maine residents have been confirmed as affected.

The ransomware group CL0P claimed responsibility for the attack, posting about the breach on the dark web’s Tor network on November 21, 2025, categorizing it as a ransomware incident.

Hypertherm is offering one year of free identity monitoring through Kroll, including credit monitoring, fraud consultation, and identity theft restoration. Affected individuals can enroll using a membership number provided in their notification letters. The company has also set up a dedicated call center (844-403-4502) for inquiries.

While Hypertherm has not released nationwide impact figures, the breach underscores the risks of unpatched software vulnerabilities in enterprise systems. The incident follows a pattern of CL0P’s exploitation of third-party software flaws to extract sensitive data.

Source: https://www.claimdepot.com/data-breach/hypertherm-2026

Hypertherm Associates cybersecurity rating report: https://www.rankiteo.com/company/hyperthermassociates

Oracle cybersecurity rating report: https://www.rankiteo.com/company/oracle

"id": "HYPORA1773686454",
"linkid": "hyperthermassociates, oracle",
"type": "Ransomware",
"date": "2/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '531 (334 Texas residents, 166 '
                                              'New Hampshire residents, 31 '
                                              'Maine residents)',
                        'industry': 'Industrial cutting systems',
                        'location': 'Hanover, New Hampshire, USA',
                        'name': 'Hypertherm',
                        'type': 'Manufacturer'}],
 'attack_vector': 'Exploitation of unknown vulnerability in Oracle EBS',
 'customer_advisories': 'One year of free identity monitoring through Kroll, '
                        'including credit monitoring, fraud consultation, and '
                        'identity theft restoration',
 'data_breach': {'data_exfiltration': 'Yes (database tables stolen)',
                 'file_types_exposed': 'Database tables',
                 'personally_identifiable_information': 'Names, Social '
                                                        'Security numbers',
                 'sensitivity_of_data': 'High (Social Security numbers)',
                 'type_of_data_compromised': 'Personally Identifiable '
                                             'Information (PII)'},
 'date_detected': '2026-02-10',
 'date_publicly_disclosed': '2026-03-13',
 'description': 'Hypertherm, an employee-owned manufacturer of industrial '
                'cutting systems, reported a data breach exposing personal '
                'information due to a vulnerability in Oracle’s E-Business '
                'Suite (EBS) software. The breach compromised names and Social '
                'Security numbers of affected individuals.',
 'impact': {'data_compromised': 'Names, Social Security numbers',
            'identity_theft_risk': 'High',
            'systems_affected': 'Oracle E-Business Suite (EBS)'},
 'initial_access_broker': {'entry_point': 'Oracle EBS vulnerability'},
 'motivation': 'Ransomware',
 'post_incident_analysis': {'root_causes': 'Unpatched software vulnerability '
                                           'in Oracle EBS'},
 'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'CL0P'},
 'references': [{'source': 'Hypertherm breach notification'},
                {'date_accessed': '2025-11-21',
                 'source': 'CL0P dark web post',
                 'url': 'Tor network (dark web)'}],
 'regulatory_compliance': {'regulatory_notifications': 'Filed reports with '
                                                       'Maine, New Hampshire, '
                                                       'and Texas Attorneys '
                                                       'General'},
 'response': {'communication_strategy': 'Notification letters mailed to '
                                        'affected individuals, dedicated call '
                                        'center (844-403-4502)',
              'third_party_assistance': 'Kroll (identity monitoring)'},
 'threat_actor': 'CL0P',
 'title': 'Hypertherm Data Breach Impacting U.S. Employees After Oracle EBS '
          'Exploit',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Unknown flaw in Oracle E-Business Suite (EBS)'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.