CloudSEK Disputes Oracle Over Data Breach Denial with New Evidence

Oracle is caught up in a cybersecurity mess right now, with claims about a massive data breach affecting its cloud infrastructure. Last week, Hackread.com published an article based on the findings of cybersecurity firm CloudSEK revealing that a threat actor had stolen 6 million records from Oracle Cloud. The hacker, identified as “rose87168“, claimed to have compromised a key Single Sign-On (SSO) endpoint, resulting in the exfiltration of sensitive data including SSO and LDAP credentials, OAuth2 keys, and customer tenant information.

Oracle’s Firm Denial

Shortly after the story broke, Oracle issued a categorical denial, making a strong statement that “There has been no breach of Oracle Cloud.” The company maintained that the credentials published by the threat actor were not associated with Oracle Cloud and emphasized that no Oracle Cloud customers were affected. This statement directly contradicted the findings of CloudSEK, which had alerted the public and Oracle ...