Published 8 November 2025 | Source: Le Temps
A hacker group known as Clop has claimed responsibility for a new wave of cyberattacks affecting global organisations – this time naming Logitech, the Lausanne-based technology company.
A Coordinated Data Extortion Threat
According to reports, Clop published messages on the dark web warning that companies had 48 hours to respond before sensitive data would be leaked. Logitech, among several other corporations including Informa, MKS, Trimble, and Rheem, appeared on this list.
The group’s post accused targeted companies of neglecting customer security and set a 24-hour deadline for Logitech to reply before any stolen data would be released.
As of the weekend, Logitech had not confirmed whether a breach had taken place or if any information had been exfiltrated. The company stated it had “no comment at this time.”
Oracle Software at the Centre of the Attack
Clop has been exploiting a security vulnerability in Oracle software, part of a broader campaign impacting hundreds of organisations.
“This attack is part of an ongoing hacking campaign affecting hundreds of organisations,”
explained Steven Meyer, CEO of ZENDATA.“The initial exploitation was detected in July, but Oracle only reported it on 2 October. A first emergency patch proved ineffective, and a second critical update was required on 11 October – leaving customers exposed for several days.”
Among other known victims are Harvard University, Envoy Air, and Chicago Public Schools.
A Group Known for Large-Scale Campaigns
ZENDATA’s intelligence shows Clop has been active since 2019, with at least 835 documented victims worldwide. The group is Russian-speaking and specialises in data exfiltration and extortion. This is rather than ransomware deployment, a deliberate shift to avoid heightened law-enforcement scrutiny.
Clop’s past campaigns have exploited vulnerabilities in MOVEit, Fortra GoAnywhere, and Cleo file-transfer platforms. Their methods are systematic and opportunistic, targeting multiple organisations at once and releasing stolen data in phases.
“This is a serious, capable, and highly organised group that has caused significant damage in the past. Their threat should be taken seriously,”
concluded Steven Meyer.
Taking the Threat Seriously
While investigations continue, the Logitech case reinforces the growing interdependence between global supply-chain partners and the potential impact of third-party vulnerabilities such as Oracle’s.
ZENDATA recommends continuous threat monitoring, supply-chain visibility, and incident-response readiness to mitigate exposure to large-scale vulnerability exploits.
ZENDATA is a sovereign Managed Security Service Provider (MSSP). Delivering 24/7 SOC coverage, AI-driven threat intelligence, and digital-sovereignty protection across Switzerland, Europe, the GCC, and Southeast Asia.
Find the article here
