Oracle Cloud Hack May Impact 140,000 Enterprise Customers - Programming - Nairaland
Nairaland Forum › Science/Technology › Programming › Oracle Cloud Hack May Impact 140,000 Enterprise Customers (265 Views)
| Oracle Cloud Hack May Impact 140,000 Enterprise Customers by MindHacker9009(op): 10:06pm On Mar 30, 2025 |
A threat actor has targeted the login infrastructure of Oracle Cloud, exploiting middleware vulnerability, and demanding ransom from over 140,000 tenants. A threat actor has reportedly breached Oracle Cloud infrastructure, exfiltrating six million sensitive authentication records and potentially endangering more than 140,000 enterprise customers. The attacker is now demanding ransom payments while actively marketing the stolen data on underground forums, according to threat intelligence firm CloudSEK. Security researchers at CloudSEK’s XVigil team discovered the breach on March 21, 2025, when they identified a threat actor operating under the alias “rose87168” selling millions of records extracted from Oracle Cloud’s Single Sign-On (SSO) and Lightweight Directory Access Protocol (LDAP) systems. The compromised data includes critical security components such as Java KeyStore (JKS) files, encrypted SSO passwords, key files, and Enterprise Manager Java Platform Security (JPS) keys – all essential elements for authentication and access control within the Oracle Cloud environment. According to CloudSEK’s investigation, the attacker claims to have penetrated Oracle’s infrastructure by exploiting a vulnerability in the company’s login endpoints, specifically targeting the subdomain login.us2.oraclecloud.com. This subdomain was reportedly still operational as recently as February 17, 2025, despite running severely outdated software components. “The threat actor has demonstrated sophisticated capabilities by targeting a critical authentication infrastructure,” said CloudSEK in their report. “They’re not only selling the data but also actively recruiting assistance to decrypt the stolen passwords, suggesting an organized and persistent threat operation.” Oracle has denied the data breach. “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data,” an Oracle spokesperson said. |
| Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by Flangelo12: 10:27pm On Mar 30, 2025 |
Russia or North Korea. |
| Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by preciouswoman66(m): 8:42am On Mar 31, 2025 |
Flangelo12:What makes you think so?? When "yahoo boys" scams foreign nationals is it appropriate to say Nigeria or Nigeria government scammed them?? |
| Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by Flangelo12: 8:43am On Mar 31, 2025 |
preciouswoman66:That's what they say about Nigeria. |
| Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by preciouswoman66(m): 8:44am On Mar 31, 2025 |
MindHacker9009:Dem better denial cause be like say dem go fine dem ![]() That's if the researcher is right sha |
| Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by preciouswoman66(m): 8:46am On Mar 31, 2025 |
Flangelo12:False! They don't say Nigeria or Nigeria government but rather Nigeria national or Nigerian |
| Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by Flangelo12: 9:11am On Mar 31, 2025 |
preciouswoman66:Not true. They say those Nigerians. |
| Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by MindHacker9009(op): 1:01pm On Mar 31, 2025 |
preciouswoman66:Their fine will now be bigger for their denial! |
How To Hack Your Girlfriend's Whatsapp And Fb Account • How To Hack Bank Account In Nigeria In 30 Minutes • Download Spynote RAT V6.5 And Hack Android Devices Remotely • 2 • 3 • 4
Identity Verification Tool With Github Repo • If You Are A Developer In Benin City, This Is For You • Something Strange Happened When I Was 19… And It Changed My Life Completely.