₦airaland Forum

Welcome, Guest: RegisterLoginWith GoogleTrendingRecentNew

Stats: 3,329,218 members, 8,439,353 topics. Date: Sunday, 05 July 2026 at 05:31 AM

Toggle theme

Oracle Cloud Hack May Impact 140,000 Enterprise Customers - Programming - Nairaland

Nairaland ForumScience/TechnologyProgrammingOracle Cloud Hack May Impact 140,000 Enterprise Customers (266 Views)

1 Reply (Go Down)

Oracle Cloud Hack May Impact 140,000 Enterprise Customers by MindHacker9009(op): 10:06pm On Mar 30, 2025
A threat actor has targeted the login infrastructure of Oracle Cloud, exploiting middleware vulnerability, and demanding ransom from over 140,000 tenants.

A threat actor has reportedly breached Oracle Cloud infrastructure, exfiltrating six million sensitive authentication records and potentially endangering more than 140,000 enterprise customers. The attacker is now demanding ransom payments while actively marketing the stolen data on underground forums, according to threat intelligence firm CloudSEK.

Security researchers at CloudSEK’s XVigil team discovered the breach on March 21, 2025, when they identified a threat actor operating under the alias “rose87168” selling millions of records extracted from Oracle Cloud’s Single Sign-On (SSO) and Lightweight Directory Access Protocol (LDAP) systems.

The compromised data includes critical security components such as Java KeyStore (JKS) files, encrypted SSO passwords, key files, and Enterprise Manager Java Platform Security (JPS) keys – all essential elements for authentication and access control within the Oracle Cloud environment.

According to CloudSEK’s investigation, the attacker claims to have penetrated Oracle’s infrastructure by exploiting a vulnerability in the company’s login endpoints, specifically targeting the subdomain login.us2.oraclecloud.com. This subdomain was reportedly still operational as recently as February 17, 2025, despite running severely outdated software components.

“The threat actor has demonstrated sophisticated capabilities by targeting a critical authentication infrastructure,” said CloudSEK in their report. “They’re not only selling the data but also actively recruiting assistance to decrypt the stolen passwords, suggesting an organized and persistent threat operation.”

Oracle has denied the data breach. “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data,” an Oracle spokesperson said.
Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by Flangelo12: 10:27pm On Mar 30, 2025
Russia or North Korea.
Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by preciouswoman66(m): 8:42am On Mar 31, 2025
Flangelo12:
Russia or North Korea.
What makes you think so??

When "yahoo boys" scams foreign nationals is it appropriate to say Nigeria or Nigeria government scammed them??
Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by Flangelo12: 8:43am On Mar 31, 2025
preciouswoman66:
What makes you think so??

When "yahoo boys" scams foreign nationals is it appropriate to say Nigeria or Nigeria government scammed them??
That's what they say about Nigeria.
Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by preciouswoman66(m): 8:44am On Mar 31, 2025
MindHacker9009:
A threat actor has targeted the login infrastructure of Oracle Cloud, exploiting middleware vulnerability, and demanding ransom from over 140,000 tenants.

A threat actor has reportedly breached Oracle Cloud infrastructure, exfiltrating six million sensitive authentication records and potentially endangering more than 140,000 enterprise customers. The attacker is now demanding ransom payments while actively marketing the stolen data on underground forums, according to threat intelligence firm CloudSEK.

Security researchers at CloudSEK’s XVigil team discovered the breach on March 21, 2025, when they identified a threat actor operating under the alias “rose87168” selling millions of records extracted from Oracle Cloud’s Single Sign-On (SSO) and Lightweight Directory Access Protocol (LDAP) systems.

The compromised data includes critical security components such as Java KeyStore (JKS) files, encrypted SSO passwords, key files, and Enterprise Manager Java Platform Security (JPS) keys – all essential elements for authentication and access control within the Oracle Cloud environment.

According to CloudSEK’s investigation, the attacker claims to have penetrated Oracle’s infrastructure by exploiting a vulnerability in the company’s login endpoints, specifically targeting the subdomain login.us2.oraclecloud.com. This subdomain was reportedly still operational as recently as February 17, 2025, despite running severely outdated software components.

“The threat actor has demonstrated sophisticated capabilities by targeting a critical authentication infrastructure,” said CloudSEK in their report. “They’re not only selling the data but also actively recruiting assistance to decrypt the stolen passwords, suggesting an organized and persistent threat operation.”

Oracle has denied the data breach. “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data,” an Oracle spokesperson said.
Dem better denial cause be like say dem go fine dem grin grin

That's if the researcher is right sha
Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by preciouswoman66(m): 8:46am On Mar 31, 2025
Flangelo12:
That's what they say about Nigeria.
False! They don't say Nigeria or Nigeria government but rather Nigeria national or Nigerian
Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by Flangelo12: 9:11am On Mar 31, 2025
preciouswoman66:
False! They don't say Nigeria or Nigeria government but rather Nigeria national or Nigerian
Not true.

They say those Nigerians.
Re: Oracle Cloud Hack May Impact 140,000 Enterprise Customers by MindHacker9009(op): 1:01pm On Mar 31, 2025
preciouswoman66:
Dem better denial cause be like say dem go fine dem grin grin

That's if the researcher is right sha
Their fine will now be bigger for their denial!
1 Reply

How To Hack Your Girlfriend's Whatsapp And Fb AccountHow To Hack Bank Account In Nigeria In 30 MinutesDownload Spynote RAT V6.5 And Hack Android Devices Remotely234

Are You An App DeveloperWeb Design, Mobile Apps And Digital MarketingHELP!!!! Google Cloud Platform (GCP) Keeps Rejecting My Card�