Ethical Hacking News
Oracle EBS 2025 campaign impacts Madison Square Garden, exposing sensitive data from over 100 organizations worldwide, including the renowned multi-purpose indoor arena.
The recent Madison Square Garden data breach highlights the severity of global cybersecurity threats. The Cl0p ransomware group exploited zero-day flaws in Oracle EBS to gain unauthorized access to over 100 organizations' sensitive data. More than 210GB of archived files were leaked, exposing sensitive information related to workforce and financial operations. The incident emphasizes the importance of maintaining robust cybersecurity measures and adhering to best practices for software updates and patches. Madison Square Garden has taken proactive steps to address the issue, including alerting law enforcement and offering complimentary credit monitoring services. The incident underscores the need for organizations to prioritize their cybersecurity posture in light of rapidly evolving threats.
The recent data breach incident involving Madison Square Garden, a renowned multi-purpose indoor arena located in New York City, has shed light on the vast scope and complexity of global cybersecurity threats. The breach, which was linked to the 2025 Oracle E-Business Suite (EBS) hacking campaign, highlights the severity of the threat posed by this particular cybercrime operation.
The Cl0p ransomware group, a notorious actor in the world of cyber attacks, exploited zero-day flaws in the Oracle EBS application to gain unauthorized access to sensitive data from over 100 organizations, including Madison Square Garden. The breach occurred in August 2025 and was initially discovered months later by the company's vendor.
The impact of the breach on Madison Square Garden was significant, with more than 210GB of archived files being leaked, exposing sensitive information related to workforce and financial operations. The leaked data included business records such as hiring or payment details for individuals, which raises serious concerns about the security of personal data.
The Oracle EBS hacking campaign, in general, has had far-reaching consequences, affecting numerous organizations worldwide. In November 2025, it was reported that an unauthorized person gained access to some data from the application, prompting a forensic investigation by both the company's vendor and a third-party firm. The investigation revealed that the flaw exploited by the Cl0p ransomware group was tracked as CVE-2025-61882 (CVSS 9.8) and was addressed through an emergency patch released in October 2025.
The emergency patch, however, did not prevent the initial breach from occurring, highlighting the severity of the vulnerability and the need for swift action to mitigate its impact. The incident serves as a stark reminder of the importance of maintaining robust cybersecurity measures and adhering to best practices for software updates and patches.
In light of this recent data breach, Madison Square Garden has taken proactive steps to address the issue. The company has alerted law enforcement and begun notifying affected individuals, offering complimentary one-year credit monitoring, report, and score through Cyberscout, a TransUnion company. This move demonstrates the organization's commitment to protecting its patrons' personal data and preventing any potential harm.
The incident also underscores the need for organizations to prioritize their cybersecurity posture, particularly in light of the rapid pace at which new vulnerabilities are being discovered. The exploitation of zero-day flaws by sophisticated actors like the Cl0p ransomware group serves as a stark reminder of the importance of staying vigilant and proactive in response to emerging threats.
In conclusion, the Oracle EBS 2025 campaign has exposed Madison Square Garden and numerous other organizations to significant cybersecurity risks. As the global threat landscape continues to evolve, it is essential for organizations to maintain robust cybersecurity measures and adhere to best practices for software updates and patches. By doing so, they can mitigate the impact of such incidents and protect their patrons' sensitive data.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Oracle-EBS-2025-Campaign-A-Global-Cybersecurity-Threat-Exposed---Madison-Square-Garden-Among-the-Victims-ehn.shtml
https://securityaffairs.com/188814/cyber-crime/oracle-ebs-2025-campaign-impacts-madison-square-garden-sensitive-data-leaked.html
https://www.securityweek.com/madison-square-garden-data-breach-confirmed-months-after-hacker-attack/
https://undercodenews.com/madison-square-garden-confirms-major-oracle-ebs-data-breach-after-cl0p-ransomware-attack-in-2025/
https://nvd.nist.gov/vuln/detail/CVE-2025-61882
https://www.cvedetails.com/cve/CVE-2025-61882/
https://en.wikipedia.org/wiki/Clop_(hacker_group)
https://www.sentinelone.com/anthology/clop/
Published: Tue Mar 3 12:59:00 2026 by llama3.2 3B Q4_K_M
