Oracle Faces Scrutiny Over Alleged Cloud Security Breach

Oracle is under fire after cybersecurity researchers and journalists uncovered evidence of a major security breach in its cloud services—despite the company’s denials.

The hacker ‘rose87168’ announced on March 21 that they had penetrated Oracle’s cloud infrastructure before revealing confidential information, as noted by Medium.

The hacker presented files together with login credentials which cybersecurity experts verified as authentic. Bleeping Computer received a statement from Oracle which denied any breach of their Cloud infrastructure.

Medium reported that internal Oracle meeting recordings revealed employees discussing password vault access and customer system entry after the initial breach. The public release of the video indicates that the breach extended beyond Oracle’s initial statements.

TechSpot notes that Hudson Rock, CloudSEK, and Trustwave SpiderLabs analyzed the data and said it was real customer information, including email addresses, job titles, and contact details. Trustwave said this leak poses “severe cybersecurity and operational risks.”

Despite these findings, Oracle allegedly used wordplay to distance itself from the breach, stating only that “Oracle Cloud” was unaffected while reportedly shifting blame onto “Oracle Classic,” a rebranded version of its legacy services, as reported by TechSpot.

Medium reports that some Oracle customers claim that the company has confirmed a breach through private communication yet refuses to issue written statements despite mounting evidence. However, the absence of clear disclosure has triggered extensive public disapproval.

Meanwhile, “rose87168” continues leaking data and has threatened to release more unless demands are met, as reported by Medium. Experts warn that affected organizations should take immediate security measures, as Oracle remains silent on mitigation efforts.