Oracle has acknowledged a successful cyber intrusion into its public cloud, which involved the theft of approximately six million records containing sensitive data from its customers. Oracle initially denied the claims after a hacker publicized their access to customer login servers and their exploitation of a vulnerability. Consultation with cybersecurity experts made it evident that an outdated, unpatched server was responsible for the breach. Oracle's delayed admission involved private discussions with affected clients and engagement with CrowdStrike for support, while the FBI is now reportedly investigating the incident.
Claims of a cyberattack on Oracle's cloud service emerged in late March when a miscreant using the handle "rose87168" boasted of cracking into two of Big Red's login servers for customers and harvesting around six million records, which included clients' private security keys, encrypted credentials, and LDAP entries.
The data thief even created a text file in early March on login.us2.oraclecloud.com containing their email address to show they had access at one point.