Tech Giant Oracle is Facing Criticism for how it’s handling two seemingly separate data breaches.
At least one of the incidences appears to still be unfolding, despite oracle reportedly denying a breach at all. The other relates to a breach of patient data under the tech giant’s healthcare subsidiary, Oracle health.
Oracle did not respond to techcrunch’s request for comment about the two incidences.
OraCle Health Breach Affects Pata, Per Reports
The breach disclosed most recently involved, which provides hospitals and other healthcare providers with technology to access health records online. Oracle health is a unit that was combined with cerner, an Electronic Health Records Company that Oracle Accquired in 2022 For $ 28 Billion.
Bloomberg and Bleeping Computer Reported Last Week That The Breach Affects PATANT DATA, ALTHATION IT’s Unclear Exactly What kinds of data was stolen, Nor which Organizations and Companies that use oracle Affected.
OraCle notified some of its healthcare customers in March of a breach that happened somemetime earlier this year, in which hackers accessed Oracle servers and Stole PTALE PATLE PATANE DATA, ACOCORDING to the Publishes.
Contact us
Do you have more information about these two Oracle breaches? From a non-lawk device and network, you can contact lorenzo franceschi-bicchierai securely on Signal at +1 917 257 257 1382, or via telegram and keybase @LeGram and KEYBASE email, You also can contact techcrunch via Securedrop,
“We are written to inform you that, on or Around February 20, 2025, We BeCame Aware of a Cybersecurity Event Involving Unauthorized Access to some amONT of Your Carner Data that was on that was on an ingen Server not yet migrated to the Oracle Cloud, “Read the Notification Sent to some Oracle Health Customers, According to Bleeping Computer.
Citing Multiple Sources, The News Site Reported that a Hacker is Trying to Exart Affected Hospitals, Reportedly Demanding Millions of Dollars.
An Oracle Employee, Who Asked To Remain anonymous as they were not authorized to spendak to the press, told techcrunch that the company hasn’t very transparent ever speproyes.
“My team was not due to access customers’ environments for a number of days. My concern is not just with just with pata breach. Obviously, “said the employee. “Some customers host other applications like hr and finance. I don’t know if it was hacker[-]Accessed thought. “
The employee said they had to look at reddit and internal slack channels “to even figure out somenting was being looked at.”
The employee said they “felt super ignored,” describing the situation as: “Nothing to see here, move right along.”
The employee, however, also said that they are on slack
Oracle deenies cloud breach, despite mounting evidence
The other separete breach involves racle cloud servers. And in this case too, oracle is not being very transparent about waste.
Earlier this month, a hacker going by the online handle rose87168 posted on a cybercrime forum offering the data of Six Million Oracle Cloud Customers, Including Authentication Data and Encrypted Passwords, As Bleeping Computer Reported At the time.
To prove that they breeded Oracle, rose87168 uploaded A text file containing their online handle That was hosted on an oracle cloud server.
Since, Several Oracle customers have confirmed That data samples shared by the hacker appear genuine, pointing to further evidence of a breach at ora.
Strangely, Oracle denied that there was a breach at all.
“There has been no breach of Oracle cloud. The published credentials are not for the oracle cloud. No Oracle Cloud Cloud Customers Experienced a Breach or Lost on data,” Oracle Told the Publiation.
But not everyone is convined.
“This is a serial cybersecurity when impacts customers, in a platform managed by oreacle,” Cybersecurity Expert Kevin Beaumont Wrote in a blog post Analyzing the alleged Oracle Cloud Breach. “Oracle are attempting to Wordsmith Statements Around Oracle Cloud and Use Very Specific Words to Avoid Responsibility. This is not okay.”
“Oracle need to cleaned, open and publicly communicate what Happy, how it impacts customers, and what they’re doing about it. This is a matter of Trust and Responsibility. Customers Should Start Stepping Off, ”said beaumont.
Commenting on one of the alleged Oracle Breaches, Cybersecurity Expert Lisa Forte Wrote on Bluesky That, “If this ends up being true, and I struggle to see how it won’t, this is a very very bad look.”