Breach cyber

Oracle Cloud

Mar 31, 2025 1 min read
Oracle Cloud

Oracle Cloud faced an alleged data breach, claimed by a threat actor named Rose87168, affecting over 140,000 tenants and potentially exposing 6 million records including sensitive SSO credentials, LDAP passwords, and OAuth2 keys. Despite initial denials, evidence from security researchers at CloudSEK and confirmation from Trustwave SpiderLabs suggest the breach is legitimate, likely due to a critical vulnerability (CVE-2021-35587) in Oracle Access Manager. The breach's nature and the threat to sell or release the data indicate a severe security lapse potentially compromising personal and financial information.

Source: https://www.cybersecuritydive.com/news/hacker-linked-to-oracle-cloud-intrusion-threatens-to-sell-stolen-data/743981/

"id": "ora805033125",
"linkid": "oracle-cloud",
"type": "Breach",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

TeleMessage

public 1 min read
TeleMessage, an enterprise communications and archiving platform used by US government officials, was compromised when a hacker gained unauthorized access…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.