Skip to main content
Customer Support Customer Support

Oracle denies breach after hacker claims theft of 6 million data records

  • March 21, 2025
  • 1 reply
  • 5 views
Jasper_The_Rasper
Moderator
Forum|alt.badge.img+54

March 21, 2025 By Sergiu Gatlan

 

Oracle

Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company's Oracle Cloud federated SSO login servers.

"There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data," the company told BleepingComputer.

This statement comes after a threat actor known as rose87168 released multiple text files yesterday containing a sample database, LDAP information, and a list of the companies that they claimed were stolen from Oracle Clouds' SSO platform.

As further proof that they had access to Oracle Cloud servers, the threat actor shared this URL with BleepingComputer, showing an Internet Archive URL that indicates they uploaded a .txt file containing their ProtonMail email address to the login.us2.oraclecloud.com server.

 

>>Full Article<<

    1 reply

    Jasper_The_Rasper
    Moderator
    Forum|alt.badge.img+54

    There are perhaps 10,000 reasons to doubt Oracle Cloud's security breach denial

     

     

    Customers come forward claiming info was swiped from prod

     

    March 25, 2025 By Connor Jones

     

    Oracle Cloud's denial of a digital break-in is now in clear dispute. A infosec researcher working on validating claims that the cloud provider's login servers were compromised earlier this year says some customers have confirmed data allegedly stolen and leaked from the database giant is genuine.

    Since Oracle rubbished reports of a security breach, rose87168, the individual who claimed responsibility for the alleged intrusion and theft of approximately six million records – customer security keys, encrypted credentials, LDAP entries, and other data – sent a 10,000-line sample of the collection to Alon Gal, co-founder and CTO at security shop Hudson Rock.

    Gal said he took the sample and reached out to multiple Hudson Rock customers who appeared to be affected. Three customers have since confirmed the data handed to Gal by rose87168 from Oracle Cloud's internal systems is genuine, according to the CTO.

     

    >>Full Article<<

    Jasper_The_Rasper
    1 person likes this
    • Jasper_The_Rasper
      Jasper_The_Rasper

    Reply


    Terms & Conditions