Customer Portal

CALL US: (949)-379-8500

Oracle Denies Shocking Data Breach Claims: Hacker Alleges Theft of 6 Million Records

🎙️ Dive Deeper with Our Podcast!
Explore the latest Oracle Denies Shocking Data Breach Claims: Hacker Alleges Theft of 6 Million Records Now with in-depth analysis.
👉 Listen to the Episode: https://technijian.com/podcast/oracle-data-breach-allegations-and-denial/
Subscribe: Youtube | Spotify | Amazon

Alleged Oracle Cloud Breach: What’s the Story?

A hacker going by the alias “rose87168” has claimed responsibility for what’s being called the biggest supply chain cyberattack of 2025. The hacker alleges that they successfully infiltrated Oracle Cloud, stealing over 6 million records containing sensitive login credentials, encrypted passwords, and security certificates.

The affected regions are said to be US2 and EM2, and the exposed information includes:

Single Sign-On (SSO) credentials
Lightweight Directory Access Protocol (LDAP) data
Java KeyStore (JKS) files
Enterprise Manager JPS keys

This breach, if proven, could affect more than 140,000 Oracle Cloud tenants.

Oracle Responds: Strong Denial of Any Breach

Despite the gravity of the allegations, Oracle has firmly denied any security compromise. In an official statement to BleepingComputer, Oracle declared:

“There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data.”

Oracle maintains that none of the supposedly leaked credentials belong to Oracle Cloud services.

Hacker’s Claims: What’s Being Offered on the Dark Web?

The hacker isn’t just making idle threats. They’ve posted samples of the stolen data on BreachForums, offering the full dump for sale in exchange for:

Cryptocurrency (100,000 XMR)
Zero-day exploits
Assistance in decrypting SSO passwords and cracking LDAP hashes

According to the hacker, Oracle Cloud servers were accessed for over 40 days before they reached out to Oracle with demands.

How the Hacker Says They Got In

The alleged method of infiltration involves a vulnerable version of a software package used across Oracle’s servers. The hacker claims that while the vulnerability is tied to a known CVE (Common Vulnerabilities and Exposures), no public proof-of-concept exploit exists—making it harder to verify.

Interestingly, the hacker claims to have:

Uploaded a file to Oracle’s servers as proof
Sent an email to Oracle outlining the breach and offering to help for payment
Been ignored after sharing key details with Oracle’s security team

Cybersecurity Experts Are Divided

This case has the cybersecurity community split. While some call for independent verification, others believe it’s prudent to take preventive action, regardless of Oracle’s denial.

CloudSEK, a respected security firm, noted that Java KeyStore files and encrypted SSO credentials matching Oracle’s structure have surfaced in underground forums—lending some credibility to the claims.

What Should Oracle Cloud Users Do Right Now?

Regardless of whether the breach is real or not, staying proactive is the best defense. Here are essential steps Oracle Cloud customers should take:

1. Monitor Access Logs

Keep an eye out for any unusual login behavior or IP access patterns.

2. Reset Critical Credentials

Immediately rotate passwords, especially for admin accounts and service integrations.

3. Rotate Encryption Keys

Re-issue any API or database keys, and update security certificates.

4. Enable Multi-Factor Authentication (MFA)

Add an extra layer of security by enabling MFA on all user accounts.

5. Communicate Internally

Notify your IT teams and end-users of the potential threat and raise awareness.

FAQs About the Oracle Data Breach Allegations

1. Has Oracle confirmed a data breach?

No. Oracle has publicly denied the allegations and maintains that no customer data was compromised.

2. What data is reportedly stolen?

The hacker claims they stole 6 million records, including SSO credentials, LDAP hashes, Java KeyStore files, and internal Oracle Cloud security keys.

3. Who is “rose87168”?

“rose87168” is the online alias of a hacker claiming responsibility for the breach. They are offering stolen data on underground forums.

4. Is there any proof the breach happened?

While Oracle denies it, the hacker has provided sample data and uploaded text files to Oracle’s server domains as supposed proof.

5. What are the risks if the breach is true?

If legitimate, attackers could decrypt login credentials, infiltrate tenant environments, and move laterally across systems.

6. Should Oracle Cloud customers be worried?

While nothing is confirmed, caution is advisable. It’s best to update credentials, monitor logs, and follow cybersecurity best practices.

How Technijian Can Help Secure Your Cloud Environment

With evolving threats like the alleged Oracle data breach, having a reliable cybersecurity partner is more important than ever. Technijian is here to provide end-to-end cloud security solutions tailored to your business needs.

Why Choose Technijian?

Proactive Threat Monitoring
Detect and respond to suspicious activities before they escalate.
Vulnerability Management
Identify and patch weaknesses in your cloud infrastructure.
Credential & Identity Protection
Secure your user accounts with MFA, access controls, and password policies.
Incident Response Readiness
Be prepared to act fast with predefined response plans and forensic support.
Cloud Compliance Audits
Ensure your organization meets all regulatory and industry standards.

Don’t Wait for a Breach to Act

Technijian empowers businesses to build resilient cloud security frameworks—preventing breaches before they happen. Let our expert team audit your environment, close security gaps, and build a defense strategy that works for today and tomorrow.

🔗 Learn more at Technijian.com

Stay Safe. Stay Informed. And Let Technijian Keep You Protected.

About Technijian

Technijian is a premier managed IT services provider, committed to delivering innovative technology solutions that empower businesses across Southern California. Headquartered in Irvine, we offer robust IT support and comprehensive managed IT services tailored to meet the unique needs of organizations of all sizes. Our expertise spans key cities like Aliso Viejo, Anaheim, Brea, Buena Park, Costa Mesa, Cypress, Dana Point, Fountain Valley, Fullerton, Garden Grove, and many more. Our focus is on creating secure, scalable, and streamlined IT environments that drive operational success.

As a trusted IT partner, we prioritize aligning technology with business objectives through personalized IT consulting services. Our extensive expertise covers IT infrastructure management, IT outsourcing, and proactive cybersecurity solutions. From managed IT services in Anaheim to dynamic IT support in Laguna Beach, Mission Viejo, and San Clemente, we work tirelessly to ensure our clients can focus on business growth while we manage their technology needs efficiently.

At Technijian, we provide a suite of flexible IT solutions designed to enhance performance, protect sensitive data, and strengthen cybersecurity. Our services include cloud computing, network management, IT systems management, and disaster recovery planning. We extend our dedicated support across Orange, Rancho Santa Margarita, Santa Ana, and Westminster, ensuring businesses stay adaptable and future-ready in a rapidly evolving digital landscape.

Our proactive approach to IT management also includes help desk support, cybersecurity services, and customized IT consulting for a wide range of industries. We proudly serve businesses in Laguna Hills, Newport Beach, Tustin, Huntington Beach, and Yorba Linda. Our expertise in IT infrastructure services, cloud solutions, and system management makes us the go-to technology partner for businesses seeking reliability and growth.

Partnering with Technijian means gaining a strategic ally dedicated to optimizing your IT infrastructure. Experience the Technijian Advantage with our innovative IT support services, expert IT consulting, and reliable managed IT services in Irvine. We proudly serve clients across Irvine, Orange County, and the wider Southern California region, helping businesses stay secure, efficient, and competitive in today’s digital-first world.

PreviousOAuth Attacks Target Microsoft 365, GitHub: A Deep Dive into the Latest Threats

Ravi JainAuthor posts

Technijian was founded in November of 2000 by Ravi Jain with the goal of providing technology support for small to midsize companies. As the company grew in size, it also expanded its services to address the growing needs of its loyal client base. From its humble beginnings as a one-man-IT-shop, Technijian now employs teams of support staff and engineers in domestic and international offices. Technijian’s US-based office provides the primary line of communication for customers, ensuring each customer enjoys the personalized service for which Technijian has become known.

Related Posts ...

California Cryobank Data Breach

California Cryobank Confirms Data Breach: Sensitive Information Potentially Compromised

Cyber Security, cyberattacks, Data Breach, Information Technology, IT Support, IT Support Irvine, Managed IT Services, Managed IT Services California, Patch Management, vulnerabilities

GitHub Supply Chain Attack: CI/CD Secrets Exposed

GitHub Supply Chain Attack Exposes 23,000 Repositories – What You Need to Know

Compliance, Cyber Security, cyberattacks, Data Breach, malwarebytes, Network Security, Patch Management, Patch management, vulnerabilities

SSRF vulnerabilities

Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack

Cloud Backup, Cloud Computing, Cloud Computing for Small Businesses, Cyber Security, cyberattacks, cybersecurity consulting, Data Breach, Hack, Network Monitoring, Ransomware, risk management, Server Support, vulnerabilities

Comments are disabled.