1 day ago · The data breach additionally may impact some 140,000 Oracle Cloud tenants, and the threat actor appears to be attempting to ransom some of them. A check of the hacked subdomain’s Wayback Machine archive by the researchers determined that it was hosting Oracle fusion middleware 11G, which stopped receiving security support and updates in ...

2 days ago · No Oracle Cloud customers experienced a breach or lost any data.” However, there appears to be increasing evidence to the contrary. After showing that they were able to upload an arbitrary file to Oracle Cloud systems, rose87168 provided sample data consisting of roughly 10,000 records to several security firms in an effort to demonstrate the ...

3 days ago · No Oracle Cloud customers experienced a breach or lost any data." In addition to providing researchers with a sample of the sensitive data they allegedly stole from the IT titan, rose87168 also demonstrated they were able to create a text file, archived here , on a public-facing Oracle-owned web server as proof of their intrusion and the heist.

1 day ago · An investigation by CloudSEK’s XVigil platform has uncovered a breach against Oracle Cloud. Via a suspected, undisclosed vulnerability, this breach exfiltrated 6 million records. Around 140,000 tenants have been impacted by this breach due to exposed sensitive SSO and LDAP data. At this time, Oracle Cloud denies a breach occurred.

1 day ago · Despite Oracle’s denial of a breach affecting its Oracle Cloud federated SSO login servers, Bleeping Computer has confirmed with multiple companies that data samples shared by the threat actor are authentic. Recently, a threat actor, “rose87168,” claimed to be selling six million records, including sensitive account data, on dark web forums. ...

9 hours ago · Oracle denies breach after hacker claims theft of 6 million data records. StreamElements discloses third-party data breach after hacker leaks data. HellCat hackers go on a worldwide Jira hacking spree

6 days ago · While Oracle denies any breach, businesses using Oracle Cloud or related services should take proactive steps to secure their data and mitigate risks. 1. Change All Passwords Immediately. Update all login credentials for Oracle Cloud accounts and related services. Enforce strong password policies to reduce the risk of brute-force attacks.

4 days ago · Researchers said the hacker, identified as “rose87168,” successfully exploited a vulnerability in Oracle Cloud’s login endpoint, allowing the attacker to access the records. The stolen data includes single sign-on credentials, Lightweight Directory Access Protocol passwords, OAuth2 keys and tenant data, according to CloudSEK.

4 days ago · Oracle on March 24 flat out denied via email that any breach occurred or that any data was stolen. "There has been no breach of Oracle Cloud," according to the statement sent to Dark Reading by ...

4 days ago · Oracle refuses to pay and denies any wrongdoing. Oracle is clear about its view when asked by The Register and others. “No breach” is the verdict of the American cloud player. “The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data.”