Data is verified and sent to threat intelligence providers.
Oracle customers have been confirmed to have had their data — including staff email addresses - have been tied up in a breach.
According to a blog by researcher Kevin Beaumont, the breach has been confirmed, with data released to cybersecurity threat intelligence providers and validated by a journalist.
“It has now become 100% clear to me that there has been cybersecurity incident at Oracle, involving systems which processed customer data,” Beaumont said.
“All the systems impacted are directly managed by Oracle. Some of the data provided to journalists is current, too. This is a serious cybersecurity incident which impacts customers, in a platform managed by Oracle.”
Beaumont called on Oracle to “clearly, openly and publicly communicate what happened” and how it impacts customers, and what they’re doing about it. “This is a matter of trust and responsibility. Step up, Oracle — or customers should start stepping off.”
SC UK attempted to contact Oracle for a right of reply, but had not received any response at the time of publishing.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
