Topics
previous
AI
Amazon
Image Credits:David Paul Morris / Bloomberg / Getty Images
Apps
Biotech & Health
Climate
Image Credits:David Paul Morris / Bloomberg / Getty Images
Cloud Computing
Commerce
Crypto
A screenshot of the archived text file that rose87168 uploaded to an Oracle server.Image Credits:TechCrunch (screenshot)
Enterprise
EVs
Fintech
Fundraising
gadget
stake
Government & Policy
computer hardware
layoff
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
societal
Space
startup
TikTok
Transportation
Venture
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
technical school behemoth Oracle is confront literary criticism for how it ’s handling two seemingly separate data breach .
At least one of the incidents appears to still be unfolding , despite Oracle reportedly denying a falling out at all . The other relate to a breach of patient data under the technical school whale ’s healthcare subsidiary , Oracle Health .
Oracle did not answer to TechCrunch ’s postulation for commentary about the two incident .
Oracle Health breach affects patient data, per reports
The breach reveal most recently involves Oracle Health , which provides hospitals and other health care provider with technology to get at wellness record online . Oracle Health is a social unit that was combined with Cerner , an electronic health criminal record company that Oracle get in 2022 for $ 28 billion .
BloombergandBleeping Computerreported last week that the breach bear upon patient data , although it ’s unclear exactly what kinds of information were stolen , nor which organisation and companies that use Oracle Health are affected .
Oracle advise some of its healthcare client in March of a breach that encounter sometime earlier this year , in which hackers access Oracle servers and steal patient datum , harmonise to the publications .
“ We are writing to inform you that , on or around February 20 , 2025 , we became aware of a cybersecurity consequence involve wildcat access to some amount of your Cerner data that was on an honest-to-goodness legacy server not yet migrated to the Oracle Cloud , ” read the notification commit to some Oracle Health customers , according to Bleeping Computer .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
cite multiple source , the news program web site reported that a hacker is attempt to wring affected hospitals , reportedly demanding millions of dollar .
An Oracle employee , who asked to rest anonymous , as they were not authorized to talk to the press , tell TechCrunch that the caller has n’t been very transparent even with its own employees .
“ My team was not able-bodied to get at client ’ environments for a number of days . My concern is not just with patient data rupture . admittance through hosts allow any and all approach to what is host , obviously , ” said the employee . “ Some customers host other applications like hour and finance . I do n’t know if it was hacker[-]accessed though . ”
The employee said they had to look at Reddit and internal Slack channels “ to even figure out something was being looked at . ”
The employee enounce they “ felt super ignored , ” line the place as : “ Nothing to see here , move mighty along . ”
The employee , however , also said that they understand on Slack that some team were given words to communicate with clients on March 4 : “ We will investigate the issue you are experiencing . ”
Oracle denies cloud breach, despite mounting evidence
The other separate breach involves Oracle Cloud server . And in this casing , too , Oracle is not being very transparent about what happened .
originally this calendar month , a hacker go by the online grip rose87168 post on a cybercrime forum offering the data of 6 million Oracle Cloud client , including certification data and encrypted password , as bleep Computerreportedat the time .
To prove that they breached Oracle , rose87168 uploadeda text file containing their online handlethat was hosted on an Oracle Cloud server .
Since , several Oracle customers have confirmedthat data samples apportion by the cyber-terrorist appear genuine , point to further grounds of a breach at Oracle .
Strangely , Oracle denied that there was a falling out at all .
“ There has been no breach of Oracle Cloud . The published credentials are not for the Oracle Cloud . No Oracle Cloud customers experience a rift or lost any data , ” Oracle told the publication .
But not everyone is convinced .
“ This is a serious cybersecurity incident which impacts customers , in a platform managed by Oracle , ” cybersecurity expert Kevin Beaumontwrote in a blog postanalyzing the alleged Oracle Cloud breach . “ Oracle are attempting to wordsmith command around Oracle Cloud and employ very specific parole to avoid responsibility . This is not okay . ”
“ Oracle need to clearly , openly and publicly intercommunicate what happened , how it impacts client , and what they ’re doing about it . This is a topic of trust and responsibility . Step up , Oracle — or customers should start stepping off , ” said Beaumont .
Commenting on one of the say Oracle breaches , cybersecurity expert Lisa Fortewrote on Blueskythat “ if this ends up being true , and I struggle to see how it wo n’t , this is a very very unfit smell . ”
