Oracle Data Breach: Authenticity Confirmed Despite Denial

At the end of March, a hacker claimed to have breached Oracle’s cloud infrastructure, allegedly exfiltrating approximately six million records. These reportedly included sensitive materials such as Oracle Cloud customer security keys, encrypted credentials, and LDAP authentication data. The threat actor even published a sample of the data as proof.

Oracle promptly denied the breach, asserting that its servers had not been compromised and that the stolen data did not originate from its cloud platform. To date, the company has not publicly acknowledged any breach or server-related incident.

Earlier, BleepingComputer contacted the hacker to obtain additional data samples and then reached out to affected enterprise customers for verification. The findings confirmed the data’s authenticity, directly contradicting Oracle’s public denial.

It appears denial alone is no longer sufficient. Several Oracle Cloud customers have now disclosed that the company privately informed them of a data breach and revealed it had engaged cybersecurity firm CrowdStrike to investigate. While CrowdStrike has declined to comment, reports suggest the FBI is also involved in the investigation.

One Oracle Cloud customer told Bloomberg that Oracle attributed the breach to an eight-year-old server storing legacy data, suggesting that the stolen credentials may be outdated. Another client, however, reported being told that login data from 2024 had been compromised.

Under the EU’s General Data Protection Regulation (GDPR), companies are required to report breaches involving personal data within 72 hours. Judging by leaked communications, Oracle failed to notify its customers within that timeframe, raising the likelihood of a GDPR violation.

The company may also face a class-action lawsuit, as legal representatives are reportedly seeking affected parties. Should multiple victims be identified and agree to pursue litigation, Oracle could come under significant legal pressure. Denial, in this case, is futile—once a breach has occurred, acknowledgment becomes inevitable, whether voluntary or compelled.

Related Posts:

• Oracle Discloses Second Hack (Client Login Data)
• CISA Sounds the Alarm on Actively Exploited Apple and Oracle Zero-Days
• Google adds DRM verification to Android APK to ensure authenticity of Play Store app
• ESET Exposes Android Scam: SpyLoan Apps Steal Data, Not Money
• X Faces GDPR Heat Over AI Training on 60 Million European Users’ Data

About The Author

Ddos

Ddos is a seasoned news reporter, bringing over a decade of expertise to the forefront of cyber security and technology reporting. My work provides timely and insightful analysis of emerging trends and critical developments in these rapidly evolving sectors.

See author's posts