- Oracle Health has suffered a second data breach
- Any incident of this type could affect confidential patient data
- Oracle has not yet confirmed the scale of the breach
Oracle Health has denied having had confidential patient data stolen by threat actors in two separate data breaches, leaving millions of customers potentially at risk.
The company had previously denied any breach after a hacker claimed to have six million records belonging to the company, but now a second incident seems to have led to a separate breach.
The company has not yet commented on the compromises, but BleepingComputer has now seen private communications sent to affected customers confirming that patient data was stolen.
Confidential data stolen
The attack used compromised customer credentials to breach the legacy Cerner data migration servers at some point after January 22, 2025, and the company became aware of the breach on February 20, 2025.
The reports confirmed that patient information was among the data stolen in the attack, and that the company will help identify affected users. It is not clear whether this was the result of a ransomware attack or only data exfiltration, and it is still unknown how the customer credentials were obtained.
The attacker, going by the name “Andrew”, has not claimed affiliation with any ransomware or hacking group, and is demanding millions of dollars in cryptocurrency to prevent the sale or leak of the exfiltrated information.
Healthcare organizations are increasingly at risk of cyber attacks, especially given the sensitive nature of the data they collect and their often limited cybersecurity budgets.
In fact, a 2024 breach at insurance firm UnitedHealthcare hit almost 200 million patients.
Since a data breach involving personally identifiable information such as this one would put those exposed at serious risk of identity theft or fraud, Oracle Health has apparently offered to pay for credit monitoring services for those affected.
“As cybersecurity leaders, we are responsible for strong cyber hygiene: continuously monitoring our environments for unusual activity, taking advantage of cyber threat intelligence to stay at the forefront of emerging risks and allowing employees to be our human firewall,” said Pierre Noel, Field CISO EMEA at Expel.
“No system is completely impenetrable, but understanding our risk landscape and layering defenses can make it very difficult for attackers to succeed. Cyber resilience begins with us.”