Oracle under the fire because of his dealings with separate security incidents

The Giant Oracle Technology has criticism about how to deal with two apparently separate data violations.

It seems that at least one of the accidents is still revealing, although Oracle denys a breach at all. The other relates to violating the patient’s data within the framework of the health care company for the technology giant, Oracle Health.

Oracle did not respond to the Techcrunch request to comment on the two accidents.

Oracle Health violation affects the patient’s data, according to reports

The recently detected Breach, which provides hospitals and other health care providers technology to access health records online. Oracle Health is a unit combined with Cerner, an electronic health record company obtained by Oracle in 2022 for $ 28 billion.

Bloomberg and Bleeping computer It reported last week that the violation affects the patient’s data, although it is not exactly clear the types of data stolen, nor from the institutions and companies that use Oracle Health.

Oracle informed some healthcare customers in March by violating an event at some point earlier this year, as infiltrators arrived in Oracle servers and stole the patient’s data, according to publications.

“We write to inform you that in or around February 20, 2025, we are aware of the cybersecurity event that includes unauthorized access to some Cerner’s data that was on an old old server that has not yet been deported to Oracle Cloud,” read the notification sent to some Oracle Health customers, according to the computer.

Quoting multiple sources, the news site reported that one of the infiltrators is trying to blackmail the affected hospitals, and is said to be demanding millions of dollars.

Oracle employee, who asked not to be identified because they were not allowed to speak to the press, told Techcrunch that the company was not very transparent even with its employees.

The employee said: “My team was not able to access customer environments for several days. My anxiety is not only with a patient’s breach. It allows access to the hosts, that is, and all access to what is hosted, clearly,” the employee said. “Some customers host other applications such as human resources and financing. I don’t know if Hacker is accessed (-).”

The employee said that they should look at Reddit channels and internal stagnation channels “to find out something that is seen.”

The employee said they “felt very ignored,” describing the situation as: “Nothing to see here, move correctly.”

However, the employee also said that they saw in Slack that some teams had given a language to communicate with customers on March 4: “We will investigate the case you face.”

Oracle denies the ramp breeding, despite the escalating evidence

Another separate violation includes Oracle Cloud servers. Also in this case, Oracle was not very transparent about what happened.

Earlier this month, one of the infiltrators was published online Rose87168 in an electronic crime forum that provides data of six million Oracle Cloud customers, including authentication and encrypted passwords, such as beleping compute I mentioned at that time.

To prove that they violated Oracle, Rose87168 has been downloaded Text file that contains their handle online It was hosted on the Oracle Cloud server.

since, Many Oracle customers confirmed Data samples shared by the infiltrator looks original, indicating more evidence of a breach in Oracle.

The strange, Oracle denied that there is a breach at all.

“There was no violation of Oracle Cloud,” said Oracle Publishing Publishing.

But not everyone is convinced.

“This is a serious accident of cybersecurity that affects customers, on a platform run by Oracle,” Cyber ​​security expert Kevin Boumont He wrote in a blog post The alleged Oracle Cloud violation analysis. “Oracle is trying to express the Wordsmith phrases about Oracle Cloud and use very specific words to avoid responsibility. This is not fine.”

“Oracle needs to communicate what happened clearly and knowing, and how this affects customers, and what they do about it. This is a matter of confidence and responsibility,” Pomont said.

Comment on one of the alleged Oracle violations, cyber security expert Lisa Forte Books on Bluezki This, “If it ends until it is true, and I struggle to see how he will not do it, this is a very bad look.”