- Oracle confirmed a second massive data breach
- The hacker gained access to sensitive information, including usernames, passwords, and encrypted passwords
- The FBI and cybersecurity firm CrowdStrike Holdings are investigating
Oracle Corp. ORCL has told customers a hacker has broken into its computer system and stolen client log-in credentials, Reuters reported recently. The incident marks the second cybersecurity breach the company has come forward about in the last month.
According to insiders with knowledge of the situation, Reuters said that usernames, passwords, and encrypted passwords have been compromised. The company has said that the information was in an older system that has not been used for eight years, and therefore poses little risk to customers. However, the insiders were quoted saying that the data that was stolen included log-in credentials from as recent as 2024.
Don't Miss:
- Invest in the Future of Digital Engagement. Own a Piece of the $100 Billion Metaverse Today for Just $500.
- Hasbro, MGM, and Skechers trust this AI marketing firm — invest pre-IPO from $0.55 per share now.
Oracle told customers that this data breach is separate from the health data breach that was confirmed at the end of March. In that incident, a hacker accessed Oracle's servers and transferred data, including patient records, to a remote location. At the time, the company was heavily criticized for its lack of transparency because it did not alert affected parties for several weeks.
In the most recent incident, the unidentified hacker attempted to sell the stolen data online and sought an extortion payment from the company. Oracle initially denied that the breach had occurred. Bloomberg reported that a statement was sent to customers that said no Oracle Cloud customers experienced a breach or lost any data.
Trending: With Shares Starting at Just $1.52, This Could be Your Chance to Invest in the Future of Healthcare.
But researchers from private security company Trustwave Holdings reportedly validated the data, confirming that it was pulled from Oracle's systems. Karl Sigler, a senior security research manager at Trustwave, described it to Singapore's Business Times as a "rich dataset" that could be used for phishing e-mails and account takeovers.
Reuters also said that the FBI and cybersecurity firm CrowdStrike Holdings CRWD have been investigating the accusations.
The FBI and CrowdStrike reportedly declined Reuters’ requests for comment on the incident. While Oracle has yet to release a public statement, it has acknowledged the hacking internally, sources reportedly told Reuters.
Read Next:
- ‘Scrolling To UBI' — Deloitte's #1 fastest-growing software company allows users to earn money on their phones. You can invest today for just $0.26/share with a $1000 minimum.
- The $1.3 billion startup investment boom: How this company's explosive growth is opening doors for everyday investors with a new $500 minimum
Edge Rankings
Price Trend
© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
