- Several reports claim that a second violation of Oracle data has occurred
- User connection identification information was apparently stolen
- Oracle would have told some customers that data was almost a decade
Oracle apparently suffered its second cyber attack in a month, but the company minimizes its importance.
A Bloomberg The report citing two people familiar with the case said Oracle told some of its customers that a threat player had compromised its IT infrastructure and stole customer connection identification information.
At the same time, PK Press Club reports that an unidentified threat player tried to sell stolen data on the Dark Web, claiming to have stolen it in the premises of Austin, Texas d’Oracle.
Old data
Bloomberg Also said that Oracle told some of its customers that the FBI had been informed and that Crowstrike had been led to investigate. In addition, customers were informed that it was not the same incident that struck health customers in March 2025. Finally, the attacker also tried to extort Oracle for stolen data.
Oracle suggested that the data is not so relevant, however, saying that the compromise system has not been used for eight years. Consequently, the conclusion is that the data revealed that it has exceeded and has little risk.
However, there have been information to connect Oracle customers since 2024.
We would say that the connection data disclosed is always a problem, it doesn’t matter if it is ten years or ten days. In addition, many organizations never change their connection identification information, nor reuse the same passwords through a myriad of other services, in which case such a database could prove a gold mine for raw farce attacks or identification information.
At the time of the press, Oracle has not yet discussed media reports, but we contacted the company for comments.
