Oracle Faces Reports of Dual Data Breaches Involving Health and Cloud Systems
While the company has denied a breach of Oracle Cloud, it has not commented publicly on an alleged incident involving Oracle Health, which is reportedly under FBI investigation.
According to Bleeping Computer, Oracle Health clients have received a letter stating that legacy Cerner servers — not yet migrated to Oracle Cloud — were compromised in February. The letter, reportedly signed by Oracle Health Executive VP Seema Verma, suggests that electronic health records may have been accessed, and affected organisations are being urged to assess potential HIPAA violations.
Separately, an online source claims to have breached Oracle Cloud's federated SSO login servers, exposing encrypted credentials for up to six million users. Oracle denies this claim, stating, “There has been no breach of Oracle Cloud,” though some cybersecurity experts have questioned that response.
Further updates are expected as the situation develops.