Oracle has denied reports of a data breach after a hacker, "rose87168," allegedly claimed to have stolen 6 million records from Oracle Cloud’s systems. The claims, first reported by cybersecurity firm CloudSEK, suggest that the stolen data affects over 140,000 tenants and includes JKS files, encrypted SSO and LDAP passwords, and JPS keys.
The incident, reported on March 21, 2025, raised concerns about sensitive business data being compromised. According to CloudSEK, the hacker is allegedly selling the stolen data and demanding payment from affected companies to delete the records. The threat actor also offered rewards to those who could assist in decrypting the passwords.
Despite these claims, Oracle has firmly denied any breach of its cloud infrastructure. In an official statement, the company asserted, "There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data."
CloudSEK suggests that the hacker may have exploited a vulnerability in Oracle WebLogic Server, a system used for managing login pages, to gain unauthorized access. The firm believes a previously unknown flaw may have allowed the hacker to infiltrate Oracle Cloud’s databases.
While Oracle maintains that its systems remain secure, the incident highlights growing concerns about cyberattacks targeting cloud services. The situation continues to be monitored as cybersecurity experts and affected companies work to verify the authenticity of the hacker’s claims and protect their sensitive data.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
