Cox Enterprises, Inc. Data Breach – Investigated by Federman & Sherwood
Oklahoma City, Oklahoma (November 24, 2025) – Federman & Sherwood is investigating a data breach reported by Cox Enterprises, Inc. to the Attorney General of Maine following a cybersecurity incident involving Oracle’s E-Business Suite platform, which Cox uses for certain back-office operations.
According to Cox’s notification, cybercriminals exploited a previously unknown zero-day vulnerability in Oracle’s system between August 9–14, 2025, allowing unauthorized access to data. Cox later detected suspicious activity on September 29, 2025, and initiated an investigation with support from cybersecurity experts. On October 31, 2025, the company determined that certain personal information—including an individual’s name and additional data elements—may have been accessed or acquired during the incident.
Cox has stated that it applied Oracle’s security patch as soon as it became available, notified law enforcement, and implemented enhanced monitoring. The company is offering affected individuals 12 or 24 months of complimentary credit monitoring and identity theft protection services through IDX, along with guidance on reviewing financial accounts and credit reports.
Federman & Sherwood is examining whether Cox and its third-party technology providers maintained appropriate safeguards, whether the breach could have been prevented, and what legal rights may be available to individuals whose information was exposed.
The compromised information may have included:
- Full name
- Social Security number
- Other sensitive information
What is Cox Enterprises, Inc.?
Cox Enterprises, Inc. is a family-owned company that primarily operates in the communications and automotive industries, with major subsidiaries including Cox Communications and Cox Automotive.
If you were impacted by this breach, you may contact Federman & Sherwood at 1-800-237-1277 or click the link to complete the Data Breach Questionnaire and someone will reach out to you shortly.