Oracle Cloud Denies It Has Been Breached

Uploaded on 2025-04-01 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

A hacker called rose87168 has recently claimed to have stolen more than 6 million data records, including user credentials, from Oracle Cloud, which could affect more than 140,000 customers.

Now, cyber security firms are taking measures to protect customers and their own networks after claims of a massive attack against Oracle Cloud.

While the previously unknown hacked has claimed responsibility for the breach, Oracle has firmly denied it has any security issues.

Indeed, argument has intensified between Oracle and security researchers following allegations that hackers accessed this sensitive data from the company’s Cloud federated Single Sign-On (SSO) service. After initially releasing strong denials, Oracle has been silent, while security researchers have compiled evidence backing claims of an actual attack. 

These conflicting stories risk generating confusion for Oracle's customers, creating uncertainty about whether to take urgent security measures or trust the company's assurances that no breach occurred.

If Oracle is aware of any indicators connected to this incident, even without confirming a breach, the company should  provide guidance, metadata or other information that customers can use to validate potential exposure. This could include login time-stamps, user agent anomalies, or IP ranges linked to suspicious access. Meanwhile, cyber security providers are assessing the potential impacts across their networks and advising customers to take precautionary measures until Oracle can deliver clear guidance.

When there's a lack of information or delayed communication, it becomes increasingly difficult for potentially vulnerable users to react in time to protect themselves. Incidents like this demonstrate just how, with  modern technology supply chains, risks don't arise from from technical vulnerabilities, they  also arise from the speed at which they are able to respond.

@rose87168   |   Bleeping Computer   |   CyberSecurityDive   |   Computing  |   Dark Reading   |   CloudSEK  |  

SOC Radar

Image: Ideogram

You Might Also Read: 

CISA Finds Serious Problems In Oracle & Mitel Systems:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Half of Employees Use Shadow AI 
Elon Musk Has Sold X To His xAI Company »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

a1qa

a1qa

a1qa specializes in the delivery of full-cycle software QA and application testing services.

Cybersixgill

Cybersixgill

Cybersixgill was founded with a single mission: to protect organizations against malicious cyber attacks that come from the deep and dark web, before they materialize.

OneSpan

OneSpan

OneSpan (formerly Vasco Data Security) is a global leader in digital identity security, transaction security and business productivity.

SANS CyberStart

SANS CyberStart

SANS CyberStart is a unique and innovative suite of tools and games designed to introduce children and young adults to the field of cyber security.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

CMMI Institute

CMMI Institute

CMMI Institute enables organizations to elevate and benchmark performance across a range of critical business capabilities, including product development, data management and cybersecurity.

Red Alert Labs

Red Alert Labs

Red Alert Labs is an IoT security provider. We created an independent security lab with a disruptive business offer to solve the technical and commercial challenges in IoT.

Crypto Valley Association

Crypto Valley Association

Crypto Valley Association is an independent, government-supported association established to build the world’s leading blockchain and cryptographic technologies ecosystem.

Cyber Readiness Institute (CRI)

Cyber Readiness Institute (CRI)

At the Cyber Readiness Institute, our mission is simple: empower small and medium-sized enterprises with free tools and resources to help them become more secure and resilient.

Tromzo

Tromzo

Tromzo's mission is to eliminate the friction between developers and security so you can scale your application security program.

Iris Powered by Generali

Iris Powered by Generali

Iris Powered by Generali is an identity theft resolution provider. Our offering combines expert assistance and support with user-friendly identity protection technology.

HCS

HCS

HCS is an IT Company and Telecoms provider with an experienced team who are dedicated to ensuring our clients business systems are protected.

Netsurit

Netsurit

Managed IT, Cloud, and Security Services. Netsurit is Your IT Innovation and Digital Transformation Accelerator.

Calamu

Calamu

Calamu is a software-defined storage security and resiliency platform that keeps your data secure and accessible wherever you choose to store it.

Miggo Security

Miggo Security

Miggo is the first Application Detection and Response (ADR) platform on a mission to stop application breaches.

National Centre for Digital Security (CNSD) - Peru

National Centre for Digital Security (CNSD) - Peru

The National Center for Digital Security manages and supervises the operation of Digital Security in Peru in order to strengthen digital trust.