Tech big Oracle is going through criticism for the way it’s dealing with two seemingly separate information breaches.
Not less than one of many incidents seems to nonetheless be unfolding, regardless of Oracle reportedly denying a breach in any respect. The opposite pertains to a breach of affected person information below the tech big’s healthcare subsidiary, Oracle Health.
Oracle didn’t reply to TechCrunch’s request for remark concerning the two incidents.
Oracle Health breach impacts affected person information, per reviews
The breach disclosed most not too long ago entails Oracle Health, which supplies hospitals and different healthcare suppliers with know-how to entry well being data on-line. Oracle Health is a unit that was mixed with Cerner, an digital well being data firm that Oracle acquired in 2022 for $28 billion.
Bloomberg and Bleeping Laptop reported final week that the breach impacts affected person information, though it’s unclear precisely what sorts of knowledge have been stolen, nor which organizations and firms that use Oracle Health are affected.
Oracle notified a few of its healthcare clients in March of a breach that occurred someday earlier this yr, through which hackers accessed Oracle servers and stole affected person information, based on the publications.
Contact Us
Do you have got extra details about these two Oracle breaches? From a non-work gadget and community, you’ll be able to contact Lorenzo Franceschi-Bicchierai securely on Sign at +1 917 257 1382, or by way of Telegram and Keybase @lorenzofb, or e-mail. You can also contact TechCrunch by way of SecureDrop.
“We are writing to inform you that, on or around February 20, 2025, we became aware of a cybersecurity event involving unauthorized access to some amount of your Cerner data that was on an old legacy server not yet migrated to the Oracle Cloud,” learn the notification despatched to some Oracle Health clients, based on Bleeping Laptop.
Citing a number of sources, the information website reported {that a} hacker is making an attempt to extort affected hospitals, reportedly demanding hundreds of thousands of {dollars}.
An Oracle worker, who requested to stay nameless, as they weren’t licensed to talk to the press, advised TechCrunch that the corporate hasn’t been very clear even with its personal staff.
“My team was not able to access customers’ environments for a number of days. My concern is not just with patient data breach. Access through hosts allows any and all access to what is hosted, obviously,” mentioned the worker. “Some customers host other applications like HR and finance. I don’t know if it was hacker[-]accessed though.”
The worker mentioned that they had to take a look at Reddit and inside Slack channels “to even figure out something was being looked at.”
The worker mentioned they “felt super ignored,” describing the scenario as: “Nothing to see here, move right along.”
The worker, nevertheless, additionally mentioned that they noticed on Slack that some groups got language to speak with shoppers on March 4: “We will investigate the issue you are experiencing.”
Oracle denies cloud breach, regardless of mounting proof
The opposite separate breach entails Oracle Cloud servers. And on this case, too, Oracle will not be being very clear about what occurred.
Earlier this month, a hacker going by the net deal with rose87168 posted on a cybercrime discussion board providing the info of 6 million Oracle Cloud clients, together with authentication information and encrypted passwords, as Bleeping Laptop reported on the time.
To show that they breached Oracle, rose87168 uploaded a textual content file containing their on-line deal with that was hosted on an Oracle Cloud server.
Since, a number of Oracle clients have confirmed that information samples shared by the hacker seem real, pointing to additional proof of a breach at Oracle.
Surprisingly, Oracle denied that there was a breach in any respect.
“There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data,” Oracle advised the publication.
However not everyone seems to be satisfied.
“This is a serious cybersecurity incident which impacts customers, in a platform managed by Oracle,” cybersecurity skilled Kevin Beaumont wrote in a weblog submit analyzing the alleged Oracle Cloud breach. “Oracle are attempting to wordsmith statements around Oracle Cloud and use very specific words to avoid responsibility. This is not okay.”
“Oracle need to clearly, openly and publicly communicate what happened, how it impacts customers, and what they’re doing about it. This is a matter of trust and responsibility. Step up, Oracle — or customers should start stepping off,” mentioned Beaumont.
Commenting on one of many alleged Oracle breaches, cybersecurity skilled Lisa Forte wrote on Bluesky that “if this ends up being true, and I struggle to see how it won’t, this is a very very bad look.”
