GlobalLogic Oracle EBS employee HR data leak
Data Leak
Summary
Hide ▲
Show ▼
GlobalLogic disclosed that attackers stole personal information from 10,471 current and former employees through its Oracle E-Business Suite (EBS) environment, creating a significant HR data exposure. The stolen records included contact details, dates of birth, national identifiers, salary information, and bank account details. GlobalLogic said the theft was confined to its Oracle platform and did not affect systems outside that environment. The exposure matters because the data can enable identity theft, fraud, and targeted phishing against affected workers.
Related Happenings
7-Eleven franchisee-docs and Salesforce data leak
Data Leak
First: 18.05.2026 14:25
Last: 18.05.2026 14:25
Sources 1
About this happening:
**7-Eleven** confirmed a **April 8, 2026** intrusion into systems used to store **franchisee documents**, and **ShinyHunters** later claimed the theft of **more than 600,000 Sales...
7-Eleven franchisee-docs and Salesforce data leak
Data LeakAbout this happening: **7-Eleven** confirmed a **April 8, 2026** intrusion into systems used to store **franchisee documents**, and **ShinyHunters** later claimed the theft of **more than 600,000 Sales...
Latest development: 26.05.2026 10:01
Have I Been Pwned analyzed the leaked 7-Eleven data and estimated that the breach exposed personal information for 185,300 people, including names, dates of birth, unique email addresses, phone numbers, and physical addresses. The exposed archive was tied to ShinyHunters' extortion campaign against 7-Eleven and followed the group's leak-site posting after ransom demands were not met.
Cookeville Regional Medical Center data leak on Rhysida leak site
Data Leak
First: 16.04.2026 15:40
Last: 16.04.2026 15:40
Sources 1
About this happening:
The **Rhysida** group’s posting of **Cookeville Regional Medical Center (CRMC)** data exposed sensitive personal, financial, and medical records tied to **more than 337,000 people...
Cookeville Regional Medical Center data leak on Rhysida leak site
Data LeakAbout this happening: The **Rhysida** group’s posting of **Cookeville Regional Medical Center (CRMC)** data exposed sensitive personal, financial, and medical records tied to **more than 337,000 people...
HackerOne employee and dependent data leak after Navia breach
Data Leak
First: 24.03.2026 16:01
Last: 24.03.2026 16:01
Sources 1
About this happening:
HackerOne disclosed that **sensitive employee and dependent data** was exposed after attackers accessed **Navia** through a **Broken Object Level Authorization (BOLA) vulnerabilit...
HackerOne employee and dependent data leak after Navia breach
Data LeakAbout this happening: HackerOne disclosed that **sensitive employee and dependent data** was exposed after attackers accessed **Navia** through a **Broken Object Level Authorization (BOLA) vulnerabilit...
Madison Square Garden hit by network compromise linked to Cl0p
Incident
First: 02.03.2026 15:53
Last: 02.03.2026 15:53
Sources 1
About this happening:
**Madison Square Garden** confirmed a **data breach** that exposed **names and SSNs**, and it has started notifying affected people. The compromise involved a **hosted Oracle E-Bu...
Madison Square Garden hit by network compromise linked to Cl0p
IncidentAbout this happening: **Madison Square Garden** confirmed a **data breach** that exposed **names and SSNs**, and it has started notifying affected people. The compromise involved a **hosted Oracle E-Bu...
Wynn Resorts hit by cyberattack
Incident
First: 24.02.2026 23:51
Last: 24.02.2026 23:51
Sources 1
About this happening:
**Wynn Resorts** confirmed an **employee data breach** after an unauthorized third party stole data from its systems, creating exposure risk for staff records. The company said it...
Wynn Resorts hit by cyberattack
IncidentAbout this happening: **Wynn Resorts** confirmed an **employee data breach** after an unauthorized third party stole data from its systems, creating exposure risk for staff records. The company said it...
Timeline
-
11.11.2025 17:24 1 articles · 6mo ago
GlobalLogic Oracle intrusion shows earliest activity on July 10, 2025
Exploitation ObservedGlobalLogic's Oracle platform showed the earliest identified threat actor activity on July 10, 2025, within the Oracle E-Business Suite zero-day intrusion affecting employee HR data.
Show sources
- GlobalLogic warns 10,000 employees of data theft after Oracle breach — www.bleepingcomputer.com — 11.11.2025 17:24
-
11.11.2025 17:24 1 articles · 6mo ago
GlobalLogic Oracle intrusion shows most recent activity on August 20, 2025
Campaign Scope UpdateGlobalLogic's Oracle platform showed the most recent identified threat actor activity on August 20, 2025, extending the same Oracle E-Business Suite zero-day intrusion that exposed employee information.
Show sources
- GlobalLogic warns 10,000 employees of data theft after Oracle breach — www.bleepingcomputer.com — 11.11.2025 17:24
-
11.11.2025 17:24 1 articles · 6mo ago
GlobalLogic identifies Oracle access and exfiltration on October 9, 2025
Detection Ioc UpdateGlobalLogic's investigation identified access to Oracle and exfiltration on October 9, 2025, confirming that employee personal information had been removed from the Oracle HR environment.
Show sources
- GlobalLogic warns 10,000 employees of data theft after Oracle breach — www.bleepingcomputer.com — 11.11.2025 17:24
-
11.11.2025 17:24 2 articles · 6mo ago
GlobalLogic begins employee breach notifications and files Maine disclosure
Initial DisclosureGlobalLogic filed a breach notification with the office of Maine's Attorney General and began notifying over 10,000 current and former employees after attackers exploited an Oracle E-Business Suite zero-day vulnerability to steal personal information belonging to 10,471 employees.
Show sources
- GlobalLogic warns 10,000 employees of data theft after Oracle breach — www.bleepingcomputer.com — 11.11.2025 17:24
- GlobalLogic Becomes Latest Cl0p Victim After Oracle EBS Attack — www.infosecurity-magazine.com — 12.11.2025 17:30