Date:

Oracle Suffers Two Separate Breaches Exposing Thousands of Customers’ PII

Oracle Cloud Breach: A Stand-Off between Researchers and the Company

A Potential High-Value Access Breach

Trustwave’s Spider Labs, meanwhile, said the sample of LDAP credentials provided by rose87168 "reveals a substantial amount of sensitive IAM data associated with a user within an Oracle Cloud multi-tenant environment. The data includes personally identifiable information (PII) and administrative role assignments, indicating potential high-value access within the enterprise system."

Oracle’s Initial Denial

Oracle initially denied any such breach had occurred against its cloud infrastructure, telling publications: "There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data."

A Spokesperson’s No-Comment

On Friday, when I asked Oracle for comment, a spokesperson asked if they could provide a statement that couldn’t be attributed to Oracle in any way. After I declined, the spokesperson said Oracle would have no comment.

The Stand-Off Continues

For the moment, there’s a stand-off between Oracle on the one hand, and researchers and journalists on the other, over whether two serious breaches have exposed sensitive information belonging to its customers. Reporting that Oracle is notifying customers of data compromises in unofficial letterhead sent by outside attorneys is also concerning. This post will be updated if new information becomes available.

Conclusion

The situation remains unclear, with Oracle denying any breach occurred, while researchers and journalists argue that sensitive information has been compromised. The lack of a clear statement from Oracle leaves many questions unanswered, and the situation continues to unfold.

Frequently Asked Questions

Q: What is the Oracle Cloud?
A: The Oracle Cloud is a cloud infrastructure provided by Oracle Corporation, offering a range of cloud services including infrastructure, platform, and software as a service.

Q: What are LDAP credentials?
A: LDAP (Lightweight Directory Access Protocol) credentials are a type of username and password combination used to access a network or system.

Q: What is the purpose of Trustwave’s Spider Labs?
A: Trustwave’s Spider Labs is a research and development team that focuses on identifying and mitigating security threats.

Q: Why did Oracle initially deny the breach?
A: Oracle initially denied the breach, stating that the published credentials were not for the Oracle Cloud and that no Oracle Cloud customers experienced a breach or lost any data.

Latest stories

Read More

mimic Robotics unveils full-stack platform for dexterous robot manipulation

mimic Robotics has introduced a new robotic hand,...

Aetina expands Nvidia Jetson Thor portfolio with T3000 and T2000 support

Please switch off your ad blocker. Our website relies...

How to benchmark your system before running robotics simulations

Please switch off your ad blocker. Our website relies...

Has AI Agent Autonomy Redefined Robotics Safety and Control?

Robotics systems are learning to perceive, choose, and...

Opinion: Exotec managing director highlights key warehouse automation trends for 2026

Thomas Genestar, managing director of western Europe at...

MassRobotics opens RoboBoston 2026 sponsorships and announces AI career fair

MassRobotics has announced that it will host RoboBoston...

Agility Robotics opens new Fremont facility to accelerate physical AI development

Agility Robotics, a humanoid robotics and physical AI...

LEAVE A REPLY

Please enter your comment!
Please enter your name here