Contact
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cybersecurity is about sharing. Recognize the risk,
combat it, share your experiences, and encourage others
to do better than you.
Banner Mobile
Fortinet 970x120px
Logitech Hit by Clop Ransomware Attack, Data Breach Exposed

Logitech Hit by Clop Ransomware Attack, Data Breach Exposed

26 November 2025 07:26

Logitech representatives have notified authorities of a cyberattack and a serious data breach . The notorious Clop ransomware group, which has been targeting companies for several months by exploiting a vulnerability in Oracle E-Business Suite, has claimed responsibility for the attack.

The company filed a formal notification with the U.S. Securities and Exchange Commission , acknowledging the data breach. Logitech representatives report that the incident did not impact the company’s production or products, nor its business processes. Immediately after discovering the breach, the company engaged third-party cybersecurity experts to assist in the investigation.

Logitech claims the compromised data includes limited employee and user information, as well as customer and supplier details. However, the company maintains that the hackers did not gain access to ID cards, bank card details, or other sensitive information, as this information was not stored on the compromised systems.

Last week, the Clop hacker group added Logitech to its data dump site, publishing nearly 1.8 TB of data allegedly stolen from the company. According to Logitech, the attack was caused by a zero-day vulnerability discovered in a third-party vendor and patched shortly after its release.

Clop operators actively exploited this vulnerability as early as July 2025 to launch mass attacks on Oracle enterprise customers. In October, specialists from Mandiant and Google detected a large-scale ransomware campaign : dozens of companies received ransomware messages from Clop operators. The attackers threatened to disclose data stolen from Oracle E-Business Suite if victims did not pay the ransom. Oracle developers subsequently confirmed the vulnerability and released an emergency patch.

Logitech’s statements suggest that the company installed the emergency update soon after its release, but it was too late and the data had already been stolen.

Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.

Cropped RHC 3d Transp2 1766828557 300x300
The editorial staff of Red Hot Cyber is composed of IT and cybersecurity professionals, supported by a network of qualified sources who also operate confidentially. The team works daily to analyze, verify, and publish news, insights, and reports on cybersecurity, technology, and digital threats, with a particular focus on the accuracy of information and the protection of sources. The information published is derived from direct research, field experience, and exclusive contributions from national and international operational contexts.