Excerpt from Reuters Article, Published on Apr 3, 2025.
Oracle has informed clients about a second recent hack, confirming that a hacker infiltrated a computer system and stole old client log-in credentials. This breach follows a previous cybersecurity incident last month, making it the second attack that Oracle has acknowledged to customers in a short span of time. The hacker reportedly gained access to a legacy system, which Oracle claims has not been in use for eight years. However, the stolen data included Oracle customer log-in credentials from as recently as 2024, raising concerns about potential risks. While Oracle downplays the impact, stating that the outdated system poses minimal threat, cybersecurity experts remain cautious about the implications of the hack. This development suggests a possible extortion attempt targeting Oracle.
The cloud computing giant has informed some clients that the Federal Bureau of Investigation (FBI) and cybersecurity firm CrowdStrike Holdings are actively investigating the hack. The attack is said to be separate from the previous hacking incident that Oracle flagged to some healthcare clients. However, the frequency of these security breaches raises concerns about Oracle’s ability to safeguard sensitive customer information. Given the scale of Oracle’s cloud operations and the nature of its clientele, such repeated incidents could impact trust in its security infrastructure.
Oracle has yet to issue an official comment regarding the hack, while CrowdStrike has referred all inquiries to the cloud provider. The acknowledgment of these breaches highlights the growing cybersecurity threats facing even the largest technology firms. As hackers become more sophisticated, companies like Oracle must continuously evolve their security measures to prevent unauthorized access and potential data exploitation. With cybersecurity threats escalating, businesses relying on Oracle’s cloud services will likely scrutinize the company’s response to this hack. As the investigation unfolds, Oracle faces mounting pressure to reinforce its security framework and reassure its clients about the integrity of their data.
To delve deeper into this topic, please read the full article on Reuters.
