SECURITYWEEK reports dated 16 March 2026 that four corporate giants—Broadcom, Bechtel, Estée Lauder Companies, and Abbott Laboratories—have yet to issue any public statement about potential impact from the Oracle EBS hack. The Cl0p ransomware and extortion group has claimed the campaign, which leveraged zero‑day flaws to access data in Oracle E‑Business Suite environments and used torrent files to indicate exfiltrated data.
According to the report, Broadcom’s leak comprises more than 2TB of archives, while Estée Lauder’s torrent points to 870GB; torrents for Bechtel and Abbott were available but data could not be retrieved at the time of writing. Most other large victims had public statements acknowledging breaches, with many noting limited impact, though investigations were often admitted.
The Cl0p website listed these victims around 20 November 2025, and the piece discusses why some organisations may remain silent while investigations continue or strategic considerations prevail.