news 
Oracle under Fire for Its Handling of Separate Security Incidents
Oracle is facing criticism for the way it has handled two reportedly unrelated security breaches, with one incident appearing to be ongoing and another involving a claimed breach of Oracle Cloud servers.
According to recent reports, the first breach involves Oracle Health, a subsidiary that provides hospitals and other healthcare providers with technology to access health records online. The breach was allegedly notified by Oracle to some of its healthcare customers earlier this month. While details about the scope and nature of the incident remain unclear, Bloomberg and Bleeping Computer reported that patient data appears to have been stolen in the attack.
The second incident is linked to a claimed breach of Oracle Cloud servers. A hacker, known as rose87168, posted on a cybercrime forum offering the personal data of approximately six million Oracle Cloud customers, including authentication data and encrypted passwords. To prove the authenticity of their claim, the hacker uploaded a text file containing their online handle that was hosted on an Oracle Cloud server.
Several Oracle customers have since confirmed that the leaked data samples appear to be genuine, providing further evidence of a breach at Oracle. However, Oracle has denied any wrongdoing, claiming that there has been no breach of its cloud platform and that the published credentials are not for the Oracle Cloud.
The lack of transparency from Oracle has led many in the cybersecurity community to express their disapproval. “This is a serious cybersecurity incident which impacts customers, in a platform managed by Oracle,” stated cybersecurity expert Kevin Beaumont in a blog post analyzing the alleged breach. “Oracle are attempting to wordsmith statements around Oracle Cloud and use very specific words to avoid responsibility. This is not okay.”
Beaumont emphasized that it is essential for Oracle to clearly communicate with its clients about the incident, outlining how it occurred, what impact it may have on customers, and what measures will be taken to rectify the situation.
Cybersecurity expert Lisa Forte also chimed in on Bluesky, stating, “if this ends up being true, and I struggle to see how it won’t, this is a very very bad look.”
Source: https://techcrunch.com/2025/03/31/oracle-under-fire-for-its-handling-of-separate-security-incidents/
