Oracle Cloud Chaos: Six Million Records in Peril as Cyber Sleuths Clash Over Alleged Breach
CloudSEK’s XVigil platform discovered a cyberattack on Oracle Cloud in which six million records were exfiltrated, impacting 140,000 tenants. The threat actor, ‘rose87168’, exploited a vulnerability and is selling the stolen data on dark web forums. Oracle denies the breach. CloudSEK recommends immediate credential rotation and enhanced security measures to prevent further incidents.

Hot Take:
Well, Oracle, it seems like your cloud is not so much a fluffy and secure space as it is a porous sieve leaking secrets like a celebrity’s Instagram account. Who knew the Cloud could rain so much data on Breach Forums? Next time, maybe patch those vulnerabilities faster than you can say “CVE-2021-35587”.
Key Points:
- CloudSEK’s XVigil platform uncovered a cyberattack on Oracle Cloud, affecting 140,000 tenants and exposing six million records.
- The threat actor, ‘rose87168’, exploited a vulnerable version of Oracle Cloud servers, leveraging the CVE-2021-35587 flaw.
- Stolen data includes JKS files, encrypted SSO passwords, key files, and enterprise manager JPS keys.
- Oracle denies any breach, contradicting CloudSEK’s findings and the attacker’s claims.
- CloudSEK recommends immediate credential rotation and stronger access controls to prevent future incidents.