Oracle recently faced allegations of a data breach after a threat actor claimed to have stolen 6 million records from Oracle Cloud's SSO login servers. Oracle has denied any breach, stating that there was no compromise of its cloud services and that customers' data remained secure. The threat actor, rose87168, attempted to sell the data and claimed that it includes SSO passwords, Java Keystore files, key files, and JPS keys from Oracle Cloud servers. Although the passwords are encrypted and hashed and would require decryption or cracking, the impact of such a breach, if proven accurate, could be significant, undermining trust in Oracle's cloud security and potentially affecting customers whose data was compromised.
TPRM report: https://scoringcyber.rankiteo.com/company/oracle
"id": "ora344032125",
"linkid": "oracle",
"type": "Breach",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Technology',
'name': 'Oracle',
'type': 'Corporation'}],
'data_breach': {'data_encryption': 'Encrypted and hashed passwords',
'data_exfiltration': True,
'number_of_records_exposed': '6 million',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['SSO passwords',
'Java Keystore files',
'Key files',
'JPS keys']},
'description': 'Oracle recently faced allegations of a data breach, with a '
'threat actor claiming to have stolen 6 million records from '
"Oracle Cloud's SSO login servers. Oracle has denied any "
'breach, stating there was no compromise of their cloud '
"services and customers' data remained secure. The threat "
'actor, rose87168, attempted to sell the data and claimed the '
'information includes SSO passwords, Java Keystore files, key '
'files, and JPS keys from Oracle Cloud servers. Despite '
'encrypted and hashed passwords requiring decryption or '
'cracking, the impact of such a breach—if proven '
'accurate—could potentially be significant, undermining trust '
"in Oracle's cloud security and potentially impacting "
'customers whose data was compromised.',
'impact': {'brand_reputation_impact': 'Potential undermining of trust in '
"Oracle's cloud security",
'data_compromised': ['SSO passwords',
'Java Keystore files',
'Key files',
'JPS keys'],
'systems_affected': 'Oracle Cloud SSO login servers'},
'initial_access_broker': {'data_sold_on_dark_web': True},
'investigation_status': 'Ongoing',
'motivation': 'Financial Gain',
'threat_actor': 'rose87168',
'title': 'Alleged Data Breach at Oracle Cloud',
'type': 'Data Breach'}