Oracle denies breach after hacker claims theft of 6 million data records

pVMware Workstation autoupdates broken after Broadcom URL redirectppGoogle rolls out easy endtoend encryption for Gmail business usersppNearly 24000 IPs behind wave of Palo Alto Global Protect scansppPhishing platform Lucid behind wave of iOS Android SMS attacksppNew Windows 11 trick lets you bypass Microsoft Account requirementppNorth Korean IT worker army expands operations in EuropeppThis AI business software deal can build websites and automate outreachppWe Smell a DCRat Revealing a Sophisticated Malware Delivery ChainppHow to access the Dark Web using the Tor BrowserppHow to enable Kernelmode Hardwareenforced Stack Protection in Windows 11ppHow to use the Windows Registry EditorppHow to backup and restore the Windows RegistryppHow to start Windows in Safe ModeppHow to remove a Trojan Virus Worm or other MalwareppHow to show hidden files in Windows 7ppHow to see hidden files in WindowsppRemove the Theonlinesearchcom Search RedirectppRemove the Smartwebfindercom Search RedirectppHow to remove the PBlock adware browser extensionppRemove the Toksearchesxyz Search RedirectppRemove Security Tool and SecurityTool Uninstall GuideppHow to Remove WinFixer Virtumonde Msevents TrojanvundoppHow to remove Antivirus 2009 Uninstall InstructionsppHow to remove Google Redirects or the TDSS TDL3 or Alureon rootkit using TDSSKillerppLocky Ransomware Information Help Guide and FAQppCryptoLocker Ransomware Information Guide and FAQppCryptorBit and HowDecrypt Information Guide and FAQppCryptoDefense and HowDecrypt Ransomware Information Guide and FAQppQualys BrowserCheckppSTOPDecrypterppAuroraDecrypterppFilesLockerDecrypterppAdwCleanerppComboFixppRKillppJunkware Removal ToolppeLearningppIT Certification CoursesppGear GadgetsppSecurityppBest VPNsppHow to change IP addressppAccess the dark web safelyppBest VPN for YouTubeppppOracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the companys Oracle Cloud federated SSO login serversppThere has been no breach of Oracle Cloud The published credentials are not for the Oracle Cloud No Oracle Cloud customers experienced a breach or lost any data the company told BleepingComputerppThis statement comes after a threat actor known as rose87168 released multiple text files yesterday containing a sample database LDAP information and a list of the companies that they claimed were stolen from Oracle Clouds SSO platformppAs further proof that they had access to Oracle Cloud servers the threat actor shared this URL with BleepingComputer showing an Internet Archive URL that indicates they uploaded a txt file containing their ProtonMail email address to the loginus2oraclecloudcom serverppBleepingComputer contacted Oracle again to explain how the threat actor uploaded a text file containing their email address without access to Oracle Cloud serverspprose87168 is now selling the allegedly stolen data from Oracle Clouds SSO service for an undisclosed price or in exchange for zeroday exploits on the BreachForums hacking forumppThey say the data including encrypted SSO passwords Java Keystore JKS files key files and enterprise manager JPS keys was stolen after hacking into loginregionnameoraclecloud com Oracle serversppThe SSO passwords are encrypted they can be decrypted with the available files also LDAP hashed password can be cracked rose87168 says Ill list the domains of all the companies in this leak Companies can pay a specific amount to remove their employees information from the list before its soldppTheyve also offered to share some of the data with anyone who can help decrypt the SSO passwords or crack the LDAP passwordsppThe threat actor told BleepingComputer they gained access to Oracle Cloud servers around 40 days ago and claimed to email the company after exfiltrating data from the US2 and EM2 cloud regionsppIn the email exchange rose87168 said they asked Oracle to pay 100000 XMR for information on how they breached the servers but the company allegedly refused to pay after asking for all information needed for fix and patchppWhen asked how they breached the servers the threat actor said that all of the Oracle Cloud servers use a vulnerable version with a public CVE flaw that does not currently have a public PoC or exploit BleepingComputer could not independently verify if this is the caseppBleepingComputer has contacted various companies whose data was allegedly stolen to confirm whether its valid We will update this article if we hear backppBased on an analysis of 14M malicious actions discover the top 10 MITRE ATTCK techniques behind 93 of attacks and how to defend against themppHacker leaks account data of 12 million Zacks Investment usersppOracle Health breach compromises patient data at US hospitalsppOracle customers confirm data stolen in alleged cloud breach is validppStreamElements discloses thirdparty data breach after hacker leaks datappPennsylvania education union data breach hit 500000 peopleppfrom the domain list
Total domains in the original list 140621
Unique domains 128466
Duplicates removed 12155
lame ppThank you for your Information pphttpswwwcloudsekcomblogpart2validatingthebreachoracleclouddeniedcloudseksfollowupanalysisppNot a member yet Register NowppMicrosofts killing script used to avoid Microsoft Account in Windows 11ppMicrosoft tests new Windows 11 tool to remotely fix boot crashesppVMware Workstation autoupdates broken after Broadcom URL redirectppInterested in changing your approach to penetration testsppAcronis Threat Research Unit Your secret weapon against Cyber Attacks Access the reports now ppLearn why identity attacks were the 1 threat facing organizations in 2024ppAcronis Threat Research Unit Your secret weapon against Cyber Attacks Access the reports now ppOverdue a password healthcheck Audit your Active Directory for freeppTerms of Use Privacy Policy Ethics Statement Affiliate DisclosureppCopyright 2003 2025 Bleeping Computer LLC All Rights ReservedppNot a member yet Register NowppRead our posting guidelinese to learn what content is prohibitedp