Oracle Cloud Denies It Has Been Breached

Uploaded on 2025-03-28 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

A hacker called rose87168 has recently claimed to have stolen more than 6 million data records, including user credentials, from Oracle Cloud, which could affect more than 140,000 customers.

Now, cyber security firms are taking measures to protect customers and their own networks after claims of a massive attack against Oracle Cloud.

While the previously unknown hacked has claimed responsibility for the breach, Oracle has firmly denied it has any security issues.

Indeed, argument has intensified between Oracle and security researchers following allegations that hackers accessed this sensitive data from the company’s Cloud federated Single Sign-On (SSO) service. After initially releasing strong denials, Oracle has been silent, while security researchers have compiled evidence backing claims of an actual attack. 

These conflicting stories risk generating confusion for Oracle's customers, creating uncertainty about whether to take urgent security measures or trust the company's assurances that no breach occurred.

If Oracle is aware of any indicators connected to this incident, even without confirming a breach, the company should  provide guidance, metadata or other information that customers can use to validate potential exposure. This could include login time-stamps, user agent anomalies, or IP ranges linked to suspicious access. Meanwhile, cyber security providers are assessing the potential impacts across their networks and advising customers to take precautionary measures until Oracle can deliver clear guidance.

When there's a lack of information or delayed communication, it becomes increasingly difficult for potentially vulnerable users to react in time to protect themselves. Incidents like this demonstrate just how, with  modern technology supply chains, risks don't arise from from technical vulnerabilities, they  also arise from the speed at which they are able to respond.

@rose87168   |   Bleeping Computer   |   CyberSecurityDive   |   Computing  |   Dark Reading   |   CloudSEK  |  

SOC Radar

Image: Ideogram

You Might Also Read: 

CISA Finds Serious Problems In Oracle & Mitel Systems:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Half of Employees Use Shadow AI 
Elon Musk Has Sold X To His xAI Company »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Rockwell Automation

Rockwell Automation

Rockwell Automation offer industrial security solutions to protect the integrity and availability of your complex automation solutions.

Allgress

Allgress

Allgress solutions converge disparate risk silos across enterprise networks and automate governance, risk and compliance management processes.

TypingDNA

TypingDNA

TypingDNA uses AI to recognise people by the way they type on desktop keyboards and mobile devices.

Renesas Electronics

Renesas Electronics

Renesas Electronics delivers trusted embedded design innovation with solutions that enable billions of connected, intelligent devices to enhance the way people work and live - securely and safely.

Mosaic 451

Mosaic 451

Mosaic451 is a bespoke IT managed services provider and consultancy specializing in information security, operations and design.

ProSearch Partners

ProSearch Partners

ProSearch Partners are national talent acquisition specialists exclusively focussing on Technology and Digital talent including Cybersecurity, Data Analytics and Execs.

Wiser Market

Wiser Market

Wiser Market is a leading company in global online brand protection services, intellectual property protection, anti-Counterfeit & trademark infringements.

Beauceron Security

Beauceron Security

Beauceron's cloud-based platform gives employees a powerful personal cyber-risk coach empowering them to improve their cybersecurity practices and behaviours.

AEWIN Technologies

AEWIN Technologies

AEWIN is professional in the fields of Network Appliance, Cyber Security, Server, Edge Computing and an ODM/OEM expert.

Everbridge

Everbridge

Everbridge provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to keep people safe and businesses running.

Securix

Securix

SECURIX AG delivers holistic IT security solutions that are tailored to the specific challenges and requirements of your company.

Nonprofit Cyber

Nonprofit Cyber

Nonprofit Cyber is a first-of-its-kind coalition of global nonprofit organizations to enhance joint action to improve cybersecurity.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

One82

One82

Serving emerging small and medium-sized businesses in California and neighboring regions for over 20 years, One82 has established itself as the most dependable provider of IT support services.

Nothreat

Nothreat

Nothreat has revolutionized how businesses like yours protect themselves from damaging cyber attacks. Our tech learns and adapts in real time, protecting clients from even zero-day attacks.

Kaavalan

Kaavalan

Kaavalan was founded with a mission and a vision to protect you against cyber threats in the connected world.