Ethical Hacking News
Oracle Cloud's recent breach denial has been called into question after inside data emerged, raising concerns about the security of the company's services and the potential consequences for its customers.
Oracle Cloud denies recent breach claims, but an individual claims to have breached its login servers and stolen sensitive data. A 10,000-line sample of the allegedly stolen data has been provided to a security expert, who confirmed that it is genuine data from Oracle's internal systems. The stolen data includes customer information that could be used for supply chain and ransomware attacks. Experts urge organizations with potential exposure to take immediate action to secure their accounts and trigger incident response plans. Oracle may have had knowledge of the vulnerability but chose not to disclose it, raising concerns about transparency and accountability.
Oracle Cloud's recent breach denial has sparked a heated debate among cybersecurity experts, who are now questioning the company's claims after inside data emerged. The controversy began when an individual known as rose87168 claimed to have breached Oracle's login servers and stolen sensitive data, including customer security keys, encrypted credentials, SSO, and LDAP passwords.
According to reports, rose87168 provided a 10,000-line sample of the allegedly stolen data to Alon Gal, co-founder and CTO at security shop Hudson Rock. Gal then reached out to multiple Hudson Rock customers who appeared to be affected by the breach. Three customers have since confirmed that the data handed to Gal by rose87168 from Oracle Cloud's internal systems is genuine.
The sample of data includes customer information, such as user IDs, tenant IDs, and access keys, which could potentially be used for supply chain and ransomware attacks. Experts are warning organizations that have any suspicion they may be affected to take immediate action, including rotating their SSO and LDAP credentials, implementing strong password policies, and triggering an incident response plan.
Oracle Cloud initially denied the claims made by rose87168, stating there had been no breach of its systems. However, experts believe that Oracle failed to patch a critical vulnerability in its Access Manager software, which would have given the attacker access to sensitive data. The same vulnerability was also identified by infosec outfit CloudSEK, which suggests that Oracle may have had knowledge of the exploit but chose not to disclose it.
The breach raises serious concerns about the security of Oracle's cloud services and the potential consequences if the stolen data falls into the wrong hands. With access to sensitive information such as customer digital security certificates and keys, SSO and LDAP passwords, and more, cyber-criminals could use this data to carry out devastating attacks on organizations worldwide.
The incident has sparked a wider debate about the transparency and accountability of cloud providers when it comes to security breaches. As the demand for cloud services continues to grow, it is essential that companies like Oracle prioritize their customers' security and take swift action to address any vulnerabilities in their systems.
In this article, we will delve into the details of the breach, examine the responses from Oracle Cloud, and explore the implications of this incident on the broader cybersecurity landscape.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Oracle-Cloud-Breach-A-Complex-Web-of-Denials-and-Disclosure-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/03/25/oracle_breach_update/
Published: Tue Mar 25 15:09:24 2025 by llama3.2 3B Q4_K_M