Oracle under fire for its handling of separate security incidents

The Giant Oracle Technology has criticized how to deal with two of the apparently separate data violations.

It seems that at least one of the accidents is still revealing, although Oracle denys a breach at all. The other relates to violating the patient’s data within the framework of the health care company for the technology giant, Oracle Health.

Oracle did not respond to the Techcrunch request to comment on the two accidents.

Oracle Health violation affects the patient’s data, according to reports

The recently detected Breach, which provides hospitals and other health care providers technology to access health records online. Oracle Health is a unit combined with Cerner, an electronic health record company obtained by Oracle in 2022 for $ 28 billion.

Bloomberg and Bleeping Computer said last week that the breach affects the patient’s data, although it is not clear exactly the types of data stolen, nor from the institutions and companies that use Oracle Health.

Oracle informed some healthcare customers in March by violating an event at some point earlier this year, as infiltrators arrived in Oracle servers and stole the patient’s data, according to publications.

“We write to inform you that in or around February 20, 2025, we are aware of the cybersecurity event that includes unauthorized access to some Cerner’s data that was on an old old server that has not yet been deported to Oracle Cloud,” read the notification sent to some Oracle Health customers, according to the computer.

Quoting multiple sources, the news site reported that one of the infiltrators is trying to blackmail the affected hospitals, and is said to be demanding millions of dollars.

Oracle employee, who asked not to be identified, told them that they were not allowed to speak to the press, that Techcrunch was not very transparent even with its employees.

The employee said: “My team was not able to access customer environments for several days. My anxiety is not only with a patient’s breach. It allows access to the hosts, that is, and all access to what is hosted, clearly,” the employee said. “Some customers host other applications such as human resources and financing. I don’t know if it is the infiltrator[-]It can be accessed though. “

The employee said that they should look at Reddit channels and internal stagnation channels “to find out something that is seen.”

The employee said they “felt very ignored,” describing the situation as: “Nothing to see here, move correctly.”

However, the employee also said that they saw in Slack that some teams had given a language to communicate with customers on March 4: “We will investigate the case you face.”

Oracle denies the ramp breeding, despite the escalating evidence

Another separate violation includes Oracle Cloud servers. In this case, too, Oracle is not very transparent about what happened.

Earlier this month, an Internet infiltrator was published online Rose87168 in an e -crime forum that provides data of 6 million Oracle Cloud customers, including authentication data and encrypted passwords, according to Bleeping Computer at that time.

To prove that they violated Oracle, Rose87168 has uploaded a text file containing their online handle that was hosted on the Oracle Cloud server.

Since then, many Oracle clients have confirmed that the data samples shared by the infiltrators seem real, noting an additional evidence of a breach in Oracle.

The strange, Oracle denied that there is a breach at all.

“There was no violation of Oracle Cloud,” said Oracle Publishing Publishing.

But not everyone is convinced.

“This is a serious accident of cybersecurity that affects customers, on an Oracle platform,” said Kevin Bouont, a cybersecurity expert, Kevin Bouont, said in a post in the alleged Oracle Claude violation analysis blog. “Oracle is trying to express the Wordsmith phrases about Oracle Cloud and use very specific words to avoid responsibility. This is not fine.”

“Oracle needs to communicate what happened clearly and knowing, and how this affects customers, and what they do about it. This is a matter of confidence and responsibility,” Pomont said.

Commenting on one of the alleged Oracle violations, Lisa Forte, a cyber security expert, wrote that “if it ends until it is true, and I am fighting to find out how he will not do it, this is a very bad look.”