Cox Communications Reports Cyberattack on Oracle E-Business Suite, Impacts 100 Victims – Monday, November 24, 2025

Cox Communications has confirmed a cyberattack targeting its Oracle E-Business Suite (EBS), with cybercriminals releasing data allegedly linked to 100 victims. This incident underscores the persistent vulnerabilities within enterprise resource planning (ERP) systems and the critical need for enhanced security measures.

Who should care: CISOs, SOC leads, threat intelligence analysts, fraud & risk leaders, identity & access management teams, and security operations teams.

What happened?

Cox Communications, a leading telecommunications provider, recently suffered a cyberattack that compromised its Oracle E-Business Suite (EBS). The breach resulted in the unauthorized disclosure of data reportedly affecting 100 individuals. Although the exact attack vector remains undisclosed, this event highlights the growing risks faced by ERP systems, which are integral to managing key business processes and sensitive data. Oracle EBS, like other ERP platforms, consolidates vast amounts of critical information, making it a prime target for cybercriminals seeking valuable data. The Cox incident demonstrates how attackers continue to exploit weaknesses in these complex systems, potentially exposing personal information that could be used for identity theft or further malicious activity. This breach serves as a stark reminder of the importance of implementing strong security controls and continuous monitoring to safeguard ERP environments from increasingly sophisticated cyber threats.

Why now?

This breach occurs amid a rising trend of cyberattacks targeting ERP systems, driven by the high value of the data they contain. Over the past 18 months, there has been a marked increase in attempts to infiltrate ERP platforms, reflecting cybercriminals’ strategic shift toward high-impact targets. Advances in attack techniques and the lucrative payoff from stolen data have made ERP systems especially attractive. The Cox incident exemplifies this evolving threat landscape and underscores the urgency for organizations to strengthen their cybersecurity postures, particularly around ERP security, to reduce exposure to such breaches.

So what?

The Cox breach carries significant implications for both the company and the broader enterprise community. Strategically, it reinforces the imperative for organizations to prioritize ERP system security as a core component of their cybersecurity frameworks. Operationally, it highlights the necessity of developing robust incident response plans tailored to ERP-specific threats and ensuring proactive defenses are in place to detect and prevent data exfiltration. Organizations must also stay vigilant against emerging tactics such as data leaks and public exposure used by attackers to amplify pressure and damage. Adapting security strategies to address these evolving risks is essential to protect sensitive business and personal information.

What this means for you:

• For CISOs: Conduct thorough evaluations of ERP security protocols and implement enhanced controls to prevent unauthorized access and data breaches.
• For SOC leads: Establish continuous monitoring and threat detection focused on ERP environments to identify suspicious activity early.
• For threat intelligence analysts: Prioritize gathering and analyzing intelligence on emerging threats targeting ERP platforms to guide informed security decisions.

Quick Hits

• Impact / Risk: The Cox breach raises the risk of identity theft and follow-on attacks, emphasizing the critical need to secure ERP systems.
• Operational Implication: Organizations must strengthen security measures and incident response plans to address vulnerabilities unique to ERP platforms.
• Action This Week: Perform a comprehensive security audit of ERP systems; update executive leadership on ERP security risks; revise incident response plans to include ERP-specific scenarios.