Oracle technology giant is facing criticism of how it is dealing with two seemingly separate data violations.
At least one of the incidents appears to be still unfolding, despite Oracle reportedly denies a violation at all. The other relates to a violation of patient data under the tech giant health care affiliate, Oracle Health.
Oracle did not respond to Techcrunch’s request for comment on two incidents.
Oracle health violation affects patient data, for reports
Oracle Health’s unveiled violation is a unit that was combined with Cerner, an electronic health record company Oracle earned in 2022 for $ 28 billion.
Bloomberg and Bleeping Computer reported last week that the violation affects patient data, although it is unclear exactly what types of data were stolen, nor what organizations and companies using Oracle Health are affected.
Oracle announced some of his March healthcare customers of a violation that occurred somewhere earlier this year, in which hackers had entered the Oracle server and stole data on patients, according to publications.
Contact us
Do you have more information about these two Oracle violations? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai safely on the signal at +1 917 257 1382, or through the Telegram and Keybase @Lorenzofb, or email. You can also contact techcrunch via securedrop.
“We are writing to inform you that, on or around 20 February 2025, we became aware of an online security event that included unauthorized access to some of your Cerner data that were on an old inheritance server that did not migrate yet to Oracle Cloud,” Read the announcement sent to some Oracle Health clients, according to Bleeping Computer.
Mentioning numerous sources, the news site reported that a hacker is trying to extort the affected hospitals, reportedly demanding millions of dollars.
An Oracle employee who sought to remain anonymous, as they were not authorized to talk to the press, told Techcrunch that the company was not very transparent with its employees.
“My team was unable to enter clients’ premises for a few days. My concern is not just by violating patient data. Access through the armies allows every and all access to what was expected, obviously,” the employee said. “Some customers expect other applications like HR and Finance. I don’t know if it was a hacker (-) to be reached.”
The employee said they had to look at Reddit and Internal Slack channels “even realize that something was being seen.”
The employee said they “felt super ignorant”, describing the situation as “nothing to see here, move immediately.”
The employee, however, said they saw in Slack that some teams were given language to communicate with clients on March 4: “We will investigate the issue you are experiencing.”
Oracle denies the cloud violation, despite the growing evidence
The other special violation includes Oracle Cloud servers. And in this case, too, Oracle is not very transparent for what happened.
Earlier this month, a hacker who runs from the Rose87168 internet glove posted on a cyber crime forum providing the data of 6 million Oracle Cloud customers, including certificate data and passwords, as Bleeping Computer reported at the time.
To prove that they violated Oracle, Rose87168 uploaded a text file containing their handle online that was received on an Oracle Cloud server.
Since some Oracle clients have confirmed that data samples separated by the hacker look true, showing further evidence of a violation in Oracle.
Rangeudriently, Oracle denied there was a violation at all.
“There is no violation of Oracle Cloud. The published credentials are not for Oracle Cloud. No Oracle Cloud client experienced a violation or lost any data,” Oracle told the publication.
But not everyone is convinced.
“This is a serious internet security incident that affects clients, on a Oracle managed platform,” wrote Internet security expert Kevin Beaumont in a blog post analyzing Oracle Cloud’s alleged violation. “Oracle are trying to say words about Oracle Cloud and use very specific words to avoid responsibility. This is not okay.”
“Oracle must communicate clearly, openly and publicly what happened, how it affects clients and what they are doing about it. This is a matter of trust and responsibility. Step, Oracle – or clients should start to leave,” Beaumont said.
Commenting on one of Oracle’s alleged violations, Internet security expert Lisa Forte wrote in Bluesky that “if this ends to be true, and I fight to see how you do not want, this is a very bad look.”
