Mazda has confirmed that it was targeted in the recent Oracle E-Business Suite (EBS) hacking campaign, but the automaker insists the incident caused no operational disruption and no confirmed data leakage.
Mazda: Attack Contained, No Signs of Breach
Speaking to SecurityWeek, Mazda said its operations and production systems were unaffected. A representative from Mazda Motor Europe added that while “traces of an attack” were detected, the company’s cybersecurity defenses successfully prevented any system impact or data exposure.
Mazda also confirmed that it quickly applied Oracle’s October EBS patches as part of its security response.
Unclear Vulnerability Behind Widespread Oracle Attacks
The Oracle EBS campaign, which surfaced nearly two months ago, appears to have exploited one or more vulnerabilities in Oracle’s software. Initially, Oracle said attackers abused a known flaw patched in July, but the company has since released additional fixes for vulnerabilities tracked as CVE-2025-61884 and CVE-2025-618842, raising concerns that previously unknown zero-day exploits may have been involved.
Despite multiple patches, security researchers say it remains unclear which specific vulnerabilities were used in the attacks.
Cl0p Ransomware Group Claims Mazda as a Victim
The Cl0p ransomware group — known for large-scale supply-chain attacks — has listed both Mazda and Mazda USA on its leak site as alleged victims of the Oracle EBS campaign. So far, the group has not released any data tied to Mazda and claims it is giving the automaker “time to respond.”
Given Mazda’s assessment that no data was compromised, cybersecurity analysts believe it is highly unlikely the company will pay any ransom.
Experts caution that while groups like Cl0p typically list genuine victims, they also commonly exaggerate breach severity to pressure organizations into paying.
Over 100 Organizations Affected Globally
Cl0p’s leak site features more than 100 alleged victims of the Oracle campaign — including major corporations and institutions. Some organizations have already reported massive data theft, with hackers leaking hundreds of gigabytes or even terabytes of sensitive files.
Recent confirmations include Cox Enterprises, which revealed that the personal data of nearly 9,500 individuals was compromised.
Other impacted or reportedly targeted organizations include:
- 1- Logitech
- 2-The Washington Post
- 3-GlobalLogic
- 4-Harvard University
- 5-Envoy Air
Meanwhile, several major companies named by Cl0p — such as Schneider Electric, Emerson, Michelin, Broadcom, Bechtel, Canon, and Entrust — have not yet publicly commented on the claims.
