Auto giant LKQ says it's the latest firm to be hit by Oracle EBS data breach

1. Pro
2. Security

Auto giant LKQ says it's the latest firm to be hit by Oracle EBS data breach News By Sead Fadilpašić published 18 December 2025

Cl0p claimed to have breached LKQ

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

(Image credit: Shutterstock) Share Share by:

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Threads

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google

• LKQ confirmed it was affected by Oracle E‑Business Suite breach, exposing SSNs and EINs of about 9,000 people
• Cl0p is believed to be responsible, claiming terabytes of LKQ data stolen via CVE‑2022‑21587 exploitation
• The incident adds to a growing list of EBS victims, including Envoy Air, Harvard, The Washington Post, Cox, and Logitech

The list of companies breached through the Oracle E-Business Suite vulnerability keeps growing - with the latest organization to confirm an attack is US aftermarket car parts and recycled original equipment firm LKQ.

The company recently filed a data breach notification form with the Office of the Maine Attorney General, in which it said it lost sensitive data on roughly 9,000 people, including people’s LKQ Employer Identification Numbers, and Social Security Numbers.

The attack apparently took place on August 9 2025, and was discovered on October 3, when LKQ launched an internal investigation, which concluded on December 1, after which affected individuals, as well as relevant government agencies, were notified.

You may like

• Cox Enterprises hit by Oracle data breach - but it won't name who carried out the attack
• GlobalLogic says data on 10,000 workers exposed in Oracle-linked data breach
• Google researchers say Oracle EBR hackers have hit dozens of organizations

Cl0p steals terabytes

“There is no evidence of impact to LKQ’s systems beyond the Oracle E-Business Suite environment,” the company explained in the notification.

As a result, LKQ strengthened its network’s security, and offered free credit monitoring and identity restoration services through Cyberscout to affected individuals, for two years.

It did not detail who the threat actors were or what they were after. However, it is generally known that Cl0p, a Russian-speaking group, was the one behind the E-Business Suite attacks. Curiously enough, according to Security Week, LKQ was the first company Cl0p listed on its data leak website as having been breached through E-Business Suite, but the company did not confirm the claims until now.

Cl0p said it took several terabytes of files from LKQ’s EBS instances and shared it with the cybercriminal community.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

Last summer, the ransomware actor abused a critical vulnerability in Oracle E-Business Suite, most commonly linked to CVE-2022-21587, which allowed unauthenticated remote code execution. This gave them access to user accounts, which they used to exfiltrate sensitive data. So far, there were multiple confirmed cases of data theft, including Envoy Air, Harvard University, The Washington Post, Cox Enterprises, and Logitech.

Via Infosecurity Magazine

The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead FadilpašićSocial Links Navigation

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Show More Comments

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more Cox Enterprises hit by Oracle data breach - but it won't name who carried out the attack    GlobalLogic says data on 10,000 workers exposed in Oracle-linked data breach    The Washington Post confirms it suffered an Oracle-linked data breach    Ransomware hackers claim Oracle app breach, tell victims their data has been stolen    Oracle forced to rush out patch for zero-day exploited in attacks    Patient and staff data impacted by Cl0p ransomware attack on Barts Health NHS    Latest in Security Having Windows app issues? Microsoft is making businesses reach out directly to get a fix    CISA reveals warning on Asus software flaw, here's what you need to do to stay safe    A massive new DDoS botnet has already snared 1.8 million devices - here's what we know about Kimwolf    AI-generated code contains more bugs and errors than human output    Cisco says Chinese hackers are exploiting its customers with a new zero-day    It's about time! Microsoft finally kills off encryption cipher blamed for multiple cyberattacks - RC4 bites the dust at last    Latest in News Bethesda reportedly held a secret Starfield event to showcase an upcoming update that will add faster loading times and technical improvements to the Creation Engine, along with a PS5 port that will be announced in 2026    Amazon's Fallout characters are coming to Call of Duty: Black Ops 7 and Warzone Season 01 Reloaded    The RAM crisis may lead to much better game optimization, and that's great    New data shows that only 1.6 million units of video game hardware were sold in the US in November, making it the worst month since 1995    ExpressVPN rolls out major Qt update to boost speed and unify desktop apps    Auto giant LKQ says it's the latest firm to be hit by Oracle EBS data breach    LATEST ARTICLES

1. 1Oracle has one last Ampere hurrah - new cloud platforms offer up to 192 custom Arm cores, and aren't OCI exclusive, unlike Graviton or Cobalt
2. 2Apple Music app in ChatGPT
3. 3It's about time! Microsoft finally kills off encryption cipher blamed for multiple cyberattacks - RC4 bites the dust at last
4. 4This new ‘smallest’ subwoofer packs deep bass into a 10-inch cube
5. 5It's not just RAM getting more expensive - the tools to make chips are set to explode in cost too, experts warn