Tech big Oracle is dealing with criticism for the way it’s dealing with two seemingly separate information breaches.
At least one of many incidents seems to nonetheless be unfolding, regardless of Oracle reportedly denying a breach in any respect. The different pertains to a breach of affected person information beneath the tech big’s healthcare subsidiary, Oracle Health.
Oracle didn’t reply to TechCrunch’s request for remark in regards to the two incidents.
Oracle Health breach impacts affected person information, per studies
The breach disclosed most lately includes Oracle Health, which supplies hospitals and different healthcare suppliers with know-how to entry well being data on-line. Oracle Health is a unit that was mixed with Cerner, an digital well being data firm that Oracle acquired in 2022 for $28 billion.
Bloomberg and Bleeping Computer reported final week that the breach impacts affected person information, though it’s unclear precisely what varieties of knowledge had been stolen, nor which organizations and corporations that use Oracle Health are affected.
Oracle notified a few of its healthcare clients in March of a breach that occurred someday earlier this yr, wherein hackers accessed Oracle servers and stole affected person information, in accordance with the publications.
Contact Us
Do you’ve extra details about these two Oracle breaches? From a non-work gadget and community, you may contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or by way of Telegram and Keybase @lorenzofb, or e mail. You can also contact TechCrunch by way of SecureDrop.
“We are writing to tell you that, on or round February 20, 2025, we grew to become conscious of a cybersecurity occasion involving unauthorized entry to some quantity of your Cerner information that was on an previous legacy server not but migrated to the Oracle Cloud,” learn the notification despatched to some Oracle Health clients, in accordance with Bleeping Computer.
Citing a number of sources, the information website reported {that a} hacker is attempting to extort affected hospitals, reportedly demanding thousands and thousands of {dollars}.
An Oracle worker, who requested to stay nameless, as they weren’t approved to talk to the press, informed TechCrunch that the corporate hasn’t been very clear even with its personal staff.
“My crew was not capable of entry clients’ environments for plenty of days. My concern isn’t just with affected person information breach. Access by way of hosts permits any and all entry to what’s hosted, clearly,” mentioned the worker. “Some clients host different purposes like HR and finance. I don’t know if it was hacker[-]accessed although.”
The worker mentioned that they had to have a look at Reddit and inside Slack channels “to even determine one thing was being checked out.”
The worker mentioned they “felt tremendous ignored,” describing the scenario as: “Nothing to see right here, transfer proper alongside.”
The worker, nevertheless, additionally mentioned that they noticed on Slack that some groups got language to speak with purchasers on March 4: “We will examine the problem you might be experiencing.”
Oracle denies cloud breach, regardless of mounting proof
The different separate breach includes Oracle Cloud servers. And on this case, too, Oracle is just not being very clear about what occurred.
Earlier this month, a hacker going by the web deal with rose87168 posted on a cybercrime discussion board providing the info of 6 million Oracle Cloud clients, together with authentication information and encrypted passwords, as Bleeping Computer reported on the time.
To show that they breached Oracle, rose87168 uploaded a textual content file containing their on-line deal with that was hosted on an Oracle Cloud server.
Since, a number of Oracle clients have confirmed that information samples shared by the hacker seem real, pointing to additional proof of a breach at Oracle.
Strangely, Oracle denied that there was a breach in any respect.
“There has been no breach of Oracle Cloud. The printed credentials should not for the Oracle Cloud. No Oracle Cloud clients skilled a breach or misplaced any information,” Oracle informed the publication.
But not everyone seems to be satisfied.
“This is a severe cybersecurity incident which impacts clients, in a platform managed by Oracle,” cybersecurity knowledgeable Kevin Beaumont wrote in a weblog put up analyzing the alleged Oracle Cloud breach. “Oracle are trying to wordsmith statements round Oracle Cloud and use very particular phrases to keep away from duty. This is just not okay.”
“Oracle want to obviously, brazenly and publicly talk what occurred, the way it impacts clients, and what they’re doing about it. This is a matter of belief and duty. Step up, Oracle — or clients ought to begin stepping off,” mentioned Beaumont.
Commenting on one of many alleged Oracle breaches, cybersecurity knowledgeable Lisa Forte wrote on Bluesky that “if this finally ends up being true, and I battle to see the way it received’t, this can be a very very unhealthy look.”
