In March 2025, cybersecurity researchers reported a significant data breach involving Oracle Cloud, with a threat actor, identified as "rose87168," claiming to have exfiltrated approximately six million records. The compromised data reportedly includes sensitive information such as single sign-on (SSO) credentials, Lightweight Directory Access Protocol (LDAP) passwords, OAuth2 keys, and tenant data, potentially affecting over 140,000 tenants.
The attacker allegedly exploited vulnerability in Oracle Cloud's login endpoint, specifically targeting login.us2.oraclecloud.com. This breach has raised concerns about unauthorized access and potential extortion attempts, as the threat actor is purportedly demanding payments from affected companies for data removal.
Oracle has denied these claims, stating that there is no evidence of such a breach. However, the Federal Bureau of Investigation (FBI) is reportedly investigating the incident, indicating the seriousness of the allegations.
This incident underscores the critical importance of robust cybersecurity measures for organizations relying on cloud services. It highlights the necessity for continuous monitoring, timely patching of vulnerabilities, and comprehensive incident response plans to mitigate potential risks associated with data breaches.
Oracle Cloud Reportedly Breached, with Six Million Records Allegedly Compromised
Forum rules
Behave rationally.
Behave yourself.
Self moderate your posts.
Be reasonable.
No Spam.
No Blunt promotion.
No nonsense whatsoever.
Behave rationally.
Behave yourself.
Self moderate your posts.
Be reasonable.
No Spam.
No Blunt promotion.
No nonsense whatsoever.