Key Findings The Washington Post has notified nearly 10,000 current and former employees and contractors about a data breach that exposed their personal and financial information. The breach was linked to a zero-day vulnerability (CVE-2025-61884) in Oracle's E-Business Suite software, which was exploited by the Clop ransomware group between July 10 and August 22, 2025. The stolen data includes names, bank account numbers, routing numbers, Social Security numbers, and tax IDs.
