Summary: Oracle confirmed that credentials were stolen from two obsolete servers, but emphasized that their Oracle Cloud services remain uncompromised. The affected servers were not part of the Oracle Cloud Infrastructure, and there has been no impact on customer data or services. Despite Oracle’s assurances, concerns persist about the authenticity of the leaked data and its connection to the legacy systems.
Affected: Oracle Cloud Classic
Keypoints :
- Hacker accessed and published usernames from two obsolete servers, but did not steal usable passwords or compromise Oracle Cloud.
- The stolen data includes old client credentials, with some records allegedly from 2025, raising questions about their sensitivity despite Oracleβs claims.
- Concerns exist over the legitimacy of Oracle’s statements, with cybersecurity experts suggesting a lack of clarity regarding the breached legacy environment.
- Oracle is currently facing an extortion threat related to stolen patient data from their Oracle Health platform.