Envoy Air, the largest regional affiliate of American Airlines (AAL.O), said on Friday it had been targeted in a hacking campaign exploiting Oracle (ORCL.N) E-Business Suite software, joining a growing list of victims in attacks attributed to the CL0P cybercriminal group.
The Irving, Texas-based carrier confirmed the incident in an emailed statement, noting it is working with law enforcement and cybersecurity experts to assess the impact.
Envoy said the review found no sensitive or customer data was affected, though some business information and contact details may have been compromised.
The CL0P group, known for large-scale extortion operations, claimed responsibility for the breach and listed American Airlines on its leak site late Thursday. The airline redirected inquiries to Envoy Air, saying it was not directly affected.
Cyber experts at Google’s Threat Analysis Group said the Oracle-related campaign has been ongoing for several months, stealing large amounts of customer data from multiple organizations. Earlier this week, Harvard University confirmed a similar attack through the same Oracle software vulnerability.
The attack highlights growing vulnerabilities in enterprise systems as ransomware groups exploit widely used corporate software to launch targeted extortion schemes.
