Oracle under fire for its handling of separate security incidents

Tech large Oracle is dealing with criticism for the way it’s dealing with two seemingly separate knowledge breaches. 

A minimum of one of many incidents seems to nonetheless be unfolding, regardless of Oracle reportedly denying a breach in any respect. The opposite pertains to a breach of affected person knowledge beneath the tech large’s healthcare subsidiary, Oracle Well being.

Oracle didn’t reply to TechCrunch’s request for remark concerning the two incidents.

Oracle Well being breach impacts affected person knowledge, per experiences

The breach disclosed most not too long ago entails Oracle Well being, which gives hospitals and different healthcare suppliers with know-how to entry well being data on-line. Oracle Well being is a unit that was mixed with Cerner, an digital well being data firm that Oracle acquired in 2022 for $28 billion.

Bloomberg and Bleeping Laptop reported final week that the breach impacts affected person knowledge, though it’s unclear precisely what varieties of knowledge have been stolen, nor which organizations and corporations that use Oracle Well being are affected. 

Oracle notified a few of its healthcare prospects in March of a breach that occurred someday earlier this 12 months, by which hackers accessed Oracle servers and stole affected person knowledge, in response to the publications.

“We’re writing to tell you that, on or round February 20, 2025, we turned conscious of a cybersecurity occasion involving unauthorized entry to some quantity of your Cerner knowledge that was on an outdated legacy server not but migrated to the Oracle Cloud,” learn the notification despatched to some Oracle Well being prospects, in response to Bleeping Laptop. 

Citing a number of sources, the information website reported {that a} hacker is making an attempt to extort affected hospitals, reportedly demanding hundreds of thousands of {dollars}. 

An Oracle worker, who requested to stay nameless, as they weren’t approved to talk to the press, advised TechCrunch that the corporate hasn’t been very clear even with its personal staff. 

“My group was not in a position to entry prospects’ environments for a lot of days. My concern isn’t just with affected person knowledge breach. Entry via hosts permits any and all entry to what’s hosted, clearly,” stated the worker. “Some prospects host different functions like HR and finance. I don’t know if it was hacker[-]accessed although.”

The worker stated that they had to have a look at Reddit and inside Slack channels “to even work out one thing was being checked out.”

The worker stated they “felt tremendous ignored,” describing the state of affairs as: “Nothing to see right here, transfer proper alongside.”

The worker, nevertheless, additionally stated that they noticed on Slack that some groups got language to speak with purchasers on March 4: “We are going to examine the problem you’re experiencing.”

Oracle denies cloud breach, regardless of mounting proof

The opposite separate breach entails Oracle Cloud servers. And on this case, too, Oracle shouldn’t be being very clear about what occurred. 

Earlier this month, a hacker going by the net deal with rose87168 posted on a cybercrime discussion board providing the information of 6 million Oracle Cloud prospects, together with authentication knowledge and encrypted passwords, as Bleeping Laptop reported on the time. 

To show that they breached Oracle, rose87168 uploaded a textual content file containing their on-line deal with that was hosted on an Oracle Cloud server.

Since, a number of Oracle prospects have confirmed that knowledge samples shared by the hacker seem real, pointing to additional proof of a breach at Oracle.

Surprisingly, Oracle denied that there was a breach in any respect. 

“There was no breach of Oracle Cloud. The printed credentials aren’t for the Oracle Cloud. No Oracle Cloud prospects skilled a breach or misplaced any knowledge,” Oracle advised the publication.

However not everyone seems to be satisfied. 

“This can be a critical cybersecurity incident which impacts prospects, in a platform managed by Oracle,” cybersecurity knowledgeable Kevin Beaumont wrote in a weblog publish analyzing the alleged Oracle Cloud breach. “Oracle try to wordsmith statements round Oracle Cloud and use very particular phrases to keep away from accountability. This isn’t okay.” 

“Oracle want to obviously, brazenly and publicly talk what occurred, the way it impacts prospects, and what they’re doing about it. This can be a matter of belief and accountability. Step up, Oracle — or prospects ought to begin stepping off,” stated Beaumont.

Commenting on one of many alleged Oracle breaches, cybersecurity knowledgeable Lisa Forte wrote on Bluesky that “if this finally ends up being true, and I battle to see the way it gained’t, this can be a very very unhealthy look.”