Madison Square Garden Confirms SSN Leak After Oracle Zero-Day Exploit

Author

Taylor Hawes
March 02, 2026

🔎 Cyber Watch 🔎

Madison Square Garden Confirms SSN Leak After Oracle Zero-Day Exploit

The Madison Square Garden Family of Companies confirmed it notified an undisclosed number of individuals about an August 2025 data breach that exposed names and Social Security numbers. The company, which operates venues including Madison Square Garden and Radio City Music Hall, said attackers exploited a zero-day vulnerability in Oracle’s E-Business Suite software. The application was hosted and managed by a third-party vendor.

According to the company’s notice to victims, Oracle informed customers that an unknown vulnerability had been exploited to access application data. The investigation later confirmed that unauthorized access occurred in August 2025.

The ransomware group Clop, also known as Cl0p, claimed responsibility for the breach in November 2025. Around the same period, the group targeted hundreds of organizations by exploiting the same Oracle vulnerability. Clop listed Madison Square Garden on its data leak site. However, MSG has not confirmed the group’s involvement, and the claim has not been independently verified.

Key takeaway

  • The breach stemmed from a zero-day vulnerability in Oracle’s E-Business Suite hosted by a third-party vendor.

  • Names and Social Security numbers were accessed during the August 2025 intrusion.

  • Clop claimed responsibility, though MSG has not confirmed the group’s involvement.

Put your emails on autopilot, and your business results in overdrive.

Marketing that runs itself? Yeah, that’s a thing now.

Constant Contact has automation tools that run in the background so you don’t have to. Emails, texts, offers — they go out exactly when you want them to, without needing to hit send every time. Are you ready to stop spending time on repetitive stuff? Then give Constant Contact’s automation tools a try. It’s free to get started, and honestly? It’s kind of a game changer.

🎙️ Tech Briefing On‑Air 🎙️

Risk-Driven Security Leadership and Learning

In this episode of the CISO Confidential podcast, SAFE CEO Saket Modi speaks with Anand Singh, former Chief Information Security Officer at Optum Insight, the healthcare technology and data unit of UnitedHealth Group. The discussion centers on what it takes to lead cybersecurity inside one of the largest and most complex enterprises in the world.

Takeaways

  • Security investments must be guided by measurable risk exposure, not audit checklists alone.

  • Major setbacks can reshape strategy and improve long-term decision-making.

  • CISOs should engage operational teams, not only vendor executives.

  • Board-level communication should focus on business impact rather than technical detail.

🤝 Partner Intel 🤝

NinjaOne

NinjaOne offers a consolidated platform for endpoint management, remote monitoring, patch management, IT automation, and service delivery. Designed for MSPs and internal IT teams, NinjaOne centralizes key systems administration functions in one intuitive interface. The platform supports automated patch deployment, remote control, real-time monitoring, and asset tracking, helping teams maintain security hygiene and operational efficiency across large device fleets. NinjaOne’s automation policies can reduce manual overhead while keeping endpoints up to date with security patches and configuration standards.

🤖 AI Runtime 🤖

US Government Updates Framework for AI Threat Information Sharing

The U.S. government announced enhancements to the AI Information Sharing and Analysis Center (AI-ISAC) framework, aiming to support real-time threat intelligence exchange about AI threats between public and private sectors. Led by the Cybersecurity and Infrastructure Security Agency (CISA), this initiative focuses on enabling rapid sharing of AI-related attack patterns, vulnerabilities, and behavioural indicators to improve collective preparedness. The update reflects growing concern over malicious actors using AI to automate attacks, generate deepfakes, and evade detection. With collaboration and shared insights, the framework seeks to strengthen defensive capabilities at scale and accelerate industry response times to emerging AI threats.

đź“Š By the Numbers đź“Š

🗳️ Your Monday Take 🗳️

Cast your vote on our weekly poll.

Which of the following would make you more likely to report a suspected cybersecurity incident at work?

Login or Subscribe to participate in polls.

📩 We’ll share the results in the Friday issue.

Advertise with Comparitech
Does your business offer services or products in cybersecurity? Get your product seen by IT leaders and professionals.

Advertise with us →

Until Friday’s edition - Let’s keep that zero-day count at zero!