Oracle seemingly confirms data breach after previous denials

Oracle, the multinational computer technology corporation, has recently confirmed that it experienced a data breach, despite initially denying any such incident. The breach, which occurred on an outdated system that had been discontinued in 2017, may have affected some of the company’s clients. While Oracle claims that the stolen data is not sensitive, the alleged attacker who is selling the information begs to differ, suggesting that there could be potentially damaging information for customers.

In response to the breach, Oracle has reached out to the affected clients, informing them about the incident. The company is also collaborating with CrowdStrike, a cybersecurity firm, as well as law enforcement agencies like the FBI, to investigate the breach further. The investigation is still ongoing, and Oracle is actively working to address the situation.

The data theft reportedly took place in February of this year and targeted the Oracle Identity Manager (IDM) platform. The stolen information includes usernames, emails, encrypted passwords, and other internal data. The user rose87168 has allegedly put up over 6 million stolen records for sale on various dark web portals, providing details about the compromised database and its clients.

Initially, when the stolen database was put up for sale, Oracle vehemently denied any attacks on its infrastructure, claiming that the data being sold was fake. However, subsequent evidence emerged suggesting that the company may have indeed fallen victim to a breach.

Despite this new information, Oracle has continued to maintain its stance that its infrastructure was not compromised, with multiple press releases denying the data breach. However, some security researchers believe that Oracle’s denial may be based solely on the name changes that occurred within the service. According to Kevin Beaumont, a researcher, the data breach likely originated from the Oracle Cloud platform, which was previously restructured as Oracle Classic. Technically, when Oracle states that there was no data breach on its “Oracle Cloud,” it is correct, considering the name changes that have taken place, even though the data remains the same.

As the investigation unfolds, it remains to be seen how Oracle will address the situation and mitigate any potential damage caused by the breach. It serves as a reminder that even large corporations with robust security measures in place are not immune to cyber threats.

Background Information

---

About Oracle:

Oracle Corporation is a important American multinational technology company founded in 1977 and headquartered in Redwood City, California. It's one of the world's largest software and cloud computing companies, known for its enterprise software products and services. Oracle specializes in developing and providing database management systems, cloud solutions, software applications, and hardware infrastructure. Their flagship product, the Oracle Database, is widely used in businesses and organizations worldwide. Oracle also offers a range of cloud services, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

  

Latest Articles about Oracle