Oracle continues to dismiss hacker claims of data legitimacy.
Oracle has issued a written notification to customers about recent cybersecurity incidents.
In an email, shared by researcher Kevin Beaumont, Oracle stated that its Cloud “has not experienced a security breach.”
It claimed “unequivocally” that the Oracle Cloud Infrastructure has not been “penetrated” and no customer data has been viewed or stolen. It also claimed that “no OCI service has been interrupted or compromised in any way.”
The company did acknowledge that a “hacker did access and publish user names”, but these were from “obsolete servers that were never part of OCI.” The hacker, known as 'rose87168' claimed to have exfiltrated six million records belonging to Oracle’s customers, including encrypted Oracle Cloud SSO and LDAP passwords, Java KeyStore files, and Enterprise Manager JPS keys.
In a statement to The Register in late March, the spokesperson said: “The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data.”
SC UK has attempted to contact Oracle for a response to the claims.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
