Breach cyber

Oracle Cloud

Mar 22, 2025 1 min read
Oracle Cloud

The cyberattack on Oracle Cloud orchestrated by 'rose87168' led to the theft of 6 million records potentially affecting over 140,000 tenants. Exfiltrated data includes sensitive JKS files, encrypted SSO passwords, key files, and JPS keys. This information is now sold on dark web forums. The breach, exploiting CVE-2021-35587, poses risks of unauthorized access and corporate espionage given the type of data stolen. Oracle's compromised subdomain and vulnerable software version highlight security gaps and raise concerns of lateral movement within the cloud environment.

Source: https://hackread.com/oracle-denies-breach-hacker-access-6-million-records/

"id": "ora615032225",
"linkid": "oracle-cloud",
"type": "Breach",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

TeleMessage

public 1 min read
TeleMessage, an enterprise communications and archiving platform used by US government officials, was compromised when a hacker gained unauthorized access…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.