Auto-ID Solutions Provider Sato Corp Hit by Data Breach Tied to Oracle E-Business Vulnerability

Sato Corporation has reported a significant data security incident after the Clop ransomware group added the firm to its data leak site, alleging it breached the company’s Oracle E-Business Suite system.

 

Sato Corp is a global provider of Auto-ID solutions—barcode and RFID printers, software, and labels—helping sectors such as retail, logistics, and healthcare tag physical items with unique IDs for real-time visibility and more efficient operations.

 

In a data security incident notice, Sato Corporation said that on October 12, its cloud service provider notified them of a cyber attack where threat actors had exploited a zero-day vulnerability in Oracle E-Business Suite.

 

“Preparation for the attack was detected in early July 2025, and the initial intrusion occurred in August 2025. During this time, unauthorised access was gained, and confidential information may have been exfiltrated.

 

“The identified vulnerability has since been remediated, and we have been assured by the service provider that our managed environment is no longer under attack,” the company said.

 

Sato Corp reported that the data security incident impacted its operations in Japan, the United States, Singapore, Malaysia, Europe, and the United Kingdom. The breach exposed sensitive information—including names, email addresses, postal addresses, and telephone numbers—used to support routine business functions such as order processing, shipping, delivery, and accounts receivable/payable activities.

 

The company emphasised that the affected system does not store passwords or sensitive technical details, such as product firmware information.

 

“The exploited zero-day vulnerability (CVE-2025-61882) was patched immediately after an emergency fix was released and applied on October 5 and 6. Following the initial response, the service provider confirmed that no further attacks had been carried out on our environment and that it was secure,” the company added.