Oracle Cloud Breach? Customers Say Yes, Oracle Says Nope!
Oracle Cloud denies a security breach, but infosec researchers and customers counter with claims of genuine stolen data. Alleged hacker rose87168 boasts access to Oracle’s login servers and offers a 10,000-line data sample. CloudSEK suggests the breach exploited a known vulnerability, leaving Oracle with some explaining to do.
Hot Take:
Oh, Oracle! Not only do you have a rich history in the world of databases, but now it seems like you might also have a role in a digital whodunit. Allegedly having a data breach while claiming innocence? That’s classic, like telling the teacher your dog ate your homework, while the shredded pages are still sticking out of your backpack. But don’t worry, Oracle, even Houdini couldn’t be perfect with his escapes!
Key Points:
- Oracle denies any breach of its login servers despite claims from cybersecurity researchers.
- An infosec researcher, Alon Gal, received a sample of allegedly stolen data, which some customers have confirmed as genuine.
- The cyber intruder, rose87168, may have exploited a known Oracle vulnerability, CVE-2021-35587.
- CloudSEK backs the credibility of the breach, stating the leaked data’s structure is hard to fabricate.
- Organizations are advised to update security measures amid fears of potential supply chain and ransomware attacks.
Already a member? Log in here