Oracle customers confirm data stolen in alleged cloud breach is valid
pVMware Workstation autoupdates broken after Broadcom URL redirectppGoogle rolls out easy endtoend encryption for Gmail business usersppNearly 24000 IPs behind wave of Palo Alto Global Protect scansppPhishing platform Lucid behind wave of iOS Android SMS attacksppNew Windows 11 trick lets you bypass Microsoft Account requirementppNorth Korean IT worker army expands operations in EuropeppThis AI business software deal can build websites and automate outreachppWe Smell a DCRat Revealing a Sophisticated Malware Delivery ChainppHow to access the Dark Web using the Tor BrowserppHow to enable Kernelmode Hardwareenforced Stack Protection in Windows 11ppHow to use the Windows Registry EditorppHow to backup and restore the Windows RegistryppHow to start Windows in Safe ModeppHow to remove a Trojan Virus Worm or other MalwareppHow to show hidden files in Windows 7ppHow to see hidden files in WindowsppRemove the Theonlinesearchcom Search RedirectppRemove the Smartwebfindercom Search RedirectppHow to remove the PBlock adware browser extensionppRemove the Toksearchesxyz Search RedirectppRemove Security Tool and SecurityTool Uninstall GuideppHow to Remove WinFixer Virtumonde Msevents TrojanvundoppHow to remove Antivirus 2009 Uninstall InstructionsppHow to remove Google Redirects or the TDSS TDL3 or Alureon rootkit using TDSSKillerppLocky Ransomware Information Help Guide and FAQppCryptoLocker Ransomware Information Guide and FAQppCryptorBit and HowDecrypt Information Guide and FAQppCryptoDefense and HowDecrypt Ransomware Information Guide and FAQppQualys BrowserCheckppSTOPDecrypterppAuroraDecrypterppFilesLockerDecrypterppAdwCleanerppComboFixppRKillppJunkware Removal ToolppeLearningppIT Certification CoursesppGear GadgetsppSecurityppBest VPNsppHow to change IP addressppAccess the dark web safelyppBest VPN for YouTubeppppDespite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are validppLast week a person named rose87168 claimed to have breached Oracle Cloud servers and began selling the alleged authentication data and encrypted passwords of 6 million users The threat actor also said that stolen SSO and LDAP passwords could be decrypted using the info in the stolen files and offered to share some of the data with anyone who could help recover themppThe threat actor released multiple text files consisting of a database LDAP data and a list of 140621 domains for companies and government agencies that were allegedly impacted by the breach It should be noted that some of the company domains look like tests and there are multiple domains per companyppIn addition to the data rose87168 shared an Archiveorg URL with BleepingComputer for a text file hosted on the loginus2oraclecloudcom server that contained their email address This file indicates that the threat actor could create files on Oracles server indicating an actual breachppHowever Oracle has denied that it suffered a breach of Oracle Cloud and has refused to respond to any further questions about the incidentppThere has been no breach of Oracle Cloud The published credentials are not for the Oracle Cloud No Oracle Cloud customers experienced a breach or lost any data the company told BleepingComputer last FridayppThis denial however contradicts findings from BleepingComputer which received additional samples of the leaked data from the threat actor and contacted the associated companiesppRepresentatives from these companies all who agreed to confirm the data under the promise of anonymity confirmed the authenticity of the information The companies stated that the associated LDAP display names email addresses given names and other identifying information were all correct and belonged to themppThe threat actor also shared emails with BleepingComputer claiming to be part of an exchange between them and OracleppOne email shows the threat actor contacting Oracles security email secalertusoraclecom to report that they hacked the serversppIve dug into your cloud dashboard infrastructure and found a massive vulnerability that has handed me full access to info on 6 million users reads the email seen by BleepingComputerppAnother email thread shared with BleepingComputer shows an exchange between the threat actor and someone using a ProtonMail email address who claims to be from Oracle BleepingComputer has redacted the email address of this other person as we could not verify their identity or the veracity of the email threadppIn this email exchange the threat actor says someone from Oracle using a protonme email address told them that We received your emails Lets use this email for all communications from now on Let me know when you get thisppCybersecurity firm Cloudsek has also found an Archiveorg URL showing that the loginus2oraclecloudcom server was running Oracle Fusion Middleware 11g as of February 17 2025 Oracle has since taken this server offline after news of the alleged breach was reportedppThis version of the software was impacted by a vulnerability tracked as CVE202135587 that allowed unauthenticated attackers to compromise Oracle Access Manager The threat actor claimed that this vulnerability was used in the alleged breach of Oracles serversppBleepingComputer has emailed Oracle numerous times about this information but has not received any responseppBased on an analysis of 14M malicious actions discover the top 10 MITRE ATTCK techniques behind 93 of attacks and how to defend against themppOracle Health breach compromises patient data at US hospitalsppOracle denies breach after hacker claims theft of 6 million data recordsppWestern Alliance Bank notifies 21899 customers of data breachppStreamElements discloses thirdparty data breach after hacker leaks datappHellCat hackers go on a worldwide Jira hacking spreeppHow can anyone put their trust in Oracle when the company is unwilling to tell the truth They are in damage control mode at the moment all worried about their imageppOracle liesppI bet Oracle didnt foresee this happeningppMy Oracle account that I had never used and was just lying there for over two years was breached The intruder went ahead to provision massive cloud resources and in a week the person used almost 35000 in cloud resources This is absurd because the account didnt have an active credit card a musthave before deploying any resources But Oracle wants me to pay Ive simply told them that they should find the intruder and make them pay ppWhy would Oracle not just say this matter is under investigation and therefore we dont comment on matters still under investigation
A breach is one thing that happens to everyone at some point BTW but an outright liar is anotherppThis is wild Oracle is jumping up and down denying everythingppWhat about the mandatory reporting of this certainly material cyber incident under the 2023 SEC cybersecurity rules The 4 days have already passedpp 1st IHG hotel in the World to get the Opera Cloud Upgrade ppHow did Oracle wind up running their own out of date code on their own infrastructure Looks like they were 3 releases behind on Oracle Fusion Middleware And while they have been denying this it looks like the exploitation may be ongoing This is all badppIf Oracle is lying about this is it really being ethical with the data it holdsppNot a member yet Register NowppMicrosofts killing script used to avoid Microsoft Account in Windows 11ppMicrosoft tests new Windows 11 tool to remotely fix boot crashesppVMware Workstation autoupdates broken after Broadcom URL redirectppInterested in changing your approach to penetration testsppLearn why identity attacks were the 1 threat facing organizations in 2024ppAcronis Threat Research Unit Your secret weapon against Cyber Attacks Access the reports now ppAcronis Threat Research Unit Your secret weapon against Cyber Attacks Access the reports now ppOverdue a password healthcheck Audit your Active Directory for freeppTerms of Use Privacy Policy Ethics Statement Affiliate DisclosureppCopyright 2003 2025 Bleeping Computer LLC All Rights ReservedppNot a member yet Register NowppRead our posting guidelinese to learn what content is prohibitedp
A breach is one thing that happens to everyone at some point BTW but an outright liar is anotherppThis is wild Oracle is jumping up and down denying everythingppWhat about the mandatory reporting of this certainly material cyber incident under the 2023 SEC cybersecurity rules The 4 days have already passedpp 1st IHG hotel in the World to get the Opera Cloud Upgrade ppHow did Oracle wind up running their own out of date code on their own infrastructure Looks like they were 3 releases behind on Oracle Fusion Middleware And while they have been denying this it looks like the exploitation may be ongoing This is all badppIf Oracle is lying about this is it really being ethical with the data it holdsppNot a member yet Register NowppMicrosofts killing script used to avoid Microsoft Account in Windows 11ppMicrosoft tests new Windows 11 tool to remotely fix boot crashesppVMware Workstation autoupdates broken after Broadcom URL redirectppInterested in changing your approach to penetration testsppLearn why identity attacks were the 1 threat facing organizations in 2024ppAcronis Threat Research Unit Your secret weapon against Cyber Attacks Access the reports now ppAcronis Threat Research Unit Your secret weapon against Cyber Attacks Access the reports now ppOverdue a password healthcheck Audit your Active Directory for freeppTerms of Use Privacy Policy Ethics Statement Affiliate DisclosureppCopyright 2003 2025 Bleeping Computer LLC All Rights ReservedppNot a member yet Register NowppRead our posting guidelinese to learn what content is prohibitedp
