Oracle Corp. has advised clients {that a} hacker broke into a pc system and stole previous consumer log-in credentials, in line with two folks acquainted with the matter. It’s the second cybersecurity breach that the software program firm has acknowledged to purchasers within the final month.
Oracle employees knowledgeable some purchasers this week that the attacker gained entry to usernames, passkeys and encrypted passwords, in line with the folks, who spoke provided that they not be recognized as a result of they’re not licensed to debate the matter.
Oracle additionally advised them that the FBI and cybersecurity agency CrowdStrike Holdings Inc. are investigating the incident, in line with the folks, who added that the attacker sought an extortion cost from the corporate. Oracle advised clients that the intrusion is separate from one other hack that the corporate flagged to some health-care clients final month, the folks stated.
An Oracle consultant didn’t reply to messages searching for remark. The FBI declined to remark, whereas a CrowdStrike consultant referred inquiries to Oracle.
Details about the stolen credentials began popping out final month, when an unidentified particular person started making an attempt to promote information on-line that they claimed to have stolen from the Austin, Texas-based firm’s cloud servers. Following these claims, which had been beforehand reported by Bleeping Computer, Oracle denied that its cloud storage product had been hacked.
In a press release to clients, which was seen by Bloomberg Information, the corporate stated, “There was no breach of Oracle Cloud. The revealed credentials will not be for the Oracle Cloud. No Oracle Cloud clients skilled a breach or misplaced any information.”
This week, Oracle employees acknowledged to some purchasers that an attacker had gotten into what the corporate referred to as a “legacy surroundings,” in line with the folks. The corporate knowledgeable clients that the system hasn’t been in use for eight years and that the stolen consumer credentials due to this fact pose little danger, the folks stated.
A 3rd particular person acquainted with the breach stated the stolen information included Oracle buyer log-in credentials from as not too long ago as 2024. That particular person additionally spoke provided that they not be recognized as a result of they’re not licensed to debate the matter.
Researchers from the cybersecurity firm Trustwave Holdings Inc. validated the info posted on the market on-line as straight extracted from Oracle, in line with Karl Sigler, senior safety analysis supervisor at Trustwave SpiderLabs Risk Intelligence. He described the stolen materials as a “wealthy dataset” that might be utilized by hackers to ship out phishing emails and probably take over folks’s accounts.
Individually, hackers broke into one other Oracle pc system and stole affected person information in an try to extort a number of medical suppliers within the US, Bloomberg Information reported late final month.
In March, Oracle alerted some customers of its affected person data administration software program that someday after Jan. 22, hackers accessed firm servers and copied affected person information to an outdoor location, in line with a notification the software program firm despatched to purchasers.
Photograph: Oracle workplaces in Redwood Metropolis, California. Photographer: David Paul Morris/Bloomberg
Copyright 2025 Bloomberg.
All for Cyber?
Get computerized alerts for this subject.
