Oracle Data Breach: Authenticity Confirmed Despite Denial

Oracle Data Breach: Authenticity Confirmed Despite Denial
Summary: In March, a hacker claimed to have breached Oracle’s cloud infrastructure, reportedly exfiltrating six million records, including sensitive security keys and credentials. Despite Oracle’s denial of the breach, evidence suggests otherwise, leading to investigations by CrowdStrike and potentially involving the FBI. Additionally, Oracle’s failure to notify customers promptly raises concerns of a GDPR violation, and the company may face a class-action lawsuit.

Affected: Oracle Cloud customers

Keypoints :

  • A hacker claims to have exfiltrated sensitive data from Oracle’s cloud, including customer security keys and credentials.
  • Oracle denies the breach, attributing compromised data to an outdated server but has privately informed some clients of the incident.
  • The company may face legal action for failing to report the breach within the required GDPR timeframe.

Source: https://securityonline.info/oracle-data-breach-authenticity-confirmed-despite-denial/