

























Fluke Corporation today confirmed it notified 18,517 people of an August 2025 data breach that compromised Social Security numbers, dates of birth, and “an indicator of whether you self-identified as having a disability.”
According to a breach disclosure submitted to Maine’s attorney general, hackers exploited a vulnerability in a third-party application used by Fluke. The breach lasted two months from August 10 to October 7, 2025. Fluke discovered the breach on September 29, 2025.
A ransomware group called Clop took credit for the breach. Clop is well-known for exploiting zero-day vulnerabilities in enterprise software such as Oracle’s E-Business Suite and the MOVEit file transfer app.
Fluke has not acknowledged Clop’s claim and Comparitech cannot independently verify it. We do not know if Fluke paid a ransom or how much Clop demanded. Comparitech contacted Fluke for comment and will update this article if it replies.
“On September 29, 2025, we learned that a criminal actor exploited a vulnerability in a third-party application used by us and was able to access a limited segment of our network,” says Fluke’s notice to breach victims.
“We promptly began investigating this incident and discovered that the criminal actor had access to our network from August 10, 2025, until October 7, 2025.”
Fluke is offering breach victims 24 months of free credit monitoring and identity theft insurance through Equifax.
Clop, or Cl0p, is a high-profile ransomware group that first surfaced in 2019. It specializes in exploiting zero-day software vulnerabilities, most recently in Oracle’s E-Business Suite and the Cleo file transfer software. Cl0p targets any organization using the vulnerable software. Like some other ransomware groups, Clop doesn’t always encrypt files. Instead, it steals data and then demands a ransom to not publish or sell it.
Clop claimed responsibility for 458 ransomware attacks in 2025. Of those, 40 were confirmed by the organizations it targeted. This week, Tulane University also began notifying 4,633 victims of a breach claimed by Clop that exploited the Oracle E-Business Suite software.
In 2026 to date, Clop has taken credit for 122 more attacks.
Comparitech researchers logged 92 confirmed ransomware attacks on US manufacturers in 2025. Those attacks compromised about 156,000 personal records.
Other such recently confirmed attacks include:
Ransomware attacks on manufacturers can lock down computer systems and steal data. In Clop’s case, it’s most likely just the latter. Successful infections can disrupt billing, communications, orders, shipments, and in some cases manufacturing equipment and processes. The attackers demand a ransom to restore infected systems and delete stolen data. If manufacturers refuse to pay up, they face extended downtime, permanent data loss, unauthorized data disclosure, and putting data subjects at increased risk of fraud.
Headquartered in Everett, WA, Fluke Corporation manufactures industrial testing equipment and software. Fluke is a subsidiary of Fortive Corporation.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。