- Several reports claim that there has been a second violation of Oracle data
- Apparently, the user’s login credentials were stolen
- Oracle supposedly told some clients that the data has almost a decade
Apparently, Oracle has suffered its second cyber attack in a month, but the company is minimizing its importance.
TO Bloomberg The report citing two people familiar with the matter has affirmed that Oracle told some of his clients that a threat actor compromised his IT infrastructure and stole the client’s login credentials.
At the same time, PakGazette informs that an unidentified threat actor tried to sell the stolen data on the dark website, claiming to have stolen it from Oracle Austin, Texas facilities.
Ancient data
Bloomberg He also reported that Oracle told some of his clients that the FBI was notified, and that Crowdstrike was brought to investigate. In addition, customers were notified that this is not the same incident that hit health customers in March 2025. Finally, the attacker also tried to extort Oracle for stolen data.
Oracle has hinted that the data is not so relevant, however, claiming that the committed system was not used for eight years. Therefore, the conclusion is that the data found there are outdated and pose little risk.
However, there were Oracle Custom login credentials as recently as 2024.
We would say that filtered login data is always a problem, regardless of whether they are ten years or ten days. In addition, many organizations never change their login credentials, or reuse the same passwords in a myriad of other services, in which case said database could test a gold mine for brute force or credential fillings.
At the time of publication, Oracle has not yet addressed media reports, but we have contacted the company to comment.
