Blog Details

Hardware accessory wide Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Industry Suite data theft attacks in July.

Logitech Global S.A. is a Swiss multinational electronics firm that sells hardware and instrument alternatives, along side computer peripherals, gaming, video collaboration, tune, and natty dwelling products.

This day, Logitech filed a Form 8-K with the U.S. Securities and Exchange Price, confirming that data turn into as soon as stolen in a breach.

“Logitech Global S.A. (“Logitech”) now not too lengthy within the past skilled a cybersecurity incident relating to to the exfiltration of data. The cybersecurity incident has now not impacted Logitech’s products, enterprise operations or manufacturing,” disclosed Logitech.

“Upon detecting the incident, Logitech promptly took steps to investigate and respond to the incident with the assistance of leading external cybersecurity firms.”

Logitech says the facts seemingly entails restricted files about workers and shoppers, besides to data relating to to clients and suppliers, however the firm doesn’t factor in hackers obtained salvage entry to to sensitive files corresponding to national ID numbers or credit rating card files, as that data turn into as soon as now not stored within the breached systems.

Logitech says that the breach came about thru a third-party zero-day vulnerability that turn into as soon as patched as soon as a repair turn into as soon as accessible.

This assertion comes after the Clop extortion gang added Logitech to its data-leak extortion location closing week, leaking nearly 1.8 TB of data allegedly stolen from the firm.

Whereas the firm doesn’t name the instrument vendor, the breach turn into as soon as seemingly attributable to an Oracle zero-day vulnerability exploited by the Clop extortion gang in July data-theft attacks.

Final month, Mandiant and Google began monitoring a recent extortion advertising campaign all the draw in which thru which a kind of companies obtained emails from the Clop ransomware operation claiming that sensitive data had been stolen from their Oracle E-Industry Suite systems. 

These emails warned that the stolen data may perchance be leaked if a ransom build a query to turn into as soon as now not paid.

Shortly after, Oracle confirmed a recent E-Industry Suite zero-day, tracked as CVE-2025-61882, and issued an emergency exchange to repair the flaw.

The Clop extortion gang has a lengthy history of exploiting zero-day flaws in huge data theft attacks, along side:

• 2020: Exploited a zero-day within the Accellion FTA platform, affecting nearly 100 organizations.
• 2021: Exploited a zero-day in SolarWinds Serv-U FTP instrument.
• 2023: Exploited a zero-day within the GoAnywhere MFT platform, breaching over 100 companies.
• 2023: Exploited a zero-day in MOVEit Switch, which turn into as soon as Clop’s most wide advertising campaign to this point, the put the attackers stole data from 2,773 organizations worldwide.
• 2024: Exploited two Cleo file transfer zero-days (CVE-2024-50623 and CVE-2024-55956) to take dangle of data and extort companies.

Other organizations impacted by the 2025 Oracle E-Industry Suite data theft attacks encompass Harvard, Envoy Air, and The Washington Put up.

BleepingComputer contacted Logitech earlier this month and every other time nowadays with questions regarding the breach and can exchange the fable if we receive a response.