CISA warns of potential data breaches caused by legacy Oracle Cloud leak

Posted on by Steven

CISA warns of potential data breaches caused by legacy Oracle Cloud leak

Federal cybersecurity officials have alerted the public about a significant data breach impacting Oracle that poses risks to numerous organisations. For weeks, Oracle had quietly warned its customers of a January incident where hackers managed to steal sensitive information and client credentials from outdated Oracle systems.

Despite Oracle’s assurances that their Cloud Infrastructure (OCI) wasn’t breached, they admitted the hackers accessed user names from obsolete servers. As investigations continue, including one by the FBI and CrowdStrike, the true scope of the breach is still uncertain but has raised alarms due to the nature of the incidents.

Source: The Record

Key Points

  • The CISA has issued warnings about potential risks from a data breach affecting legacy Oracle systems.
  • The breach includes reports of stolen credentials impacting over 140,000 tenants from Oracle Cloud’s Single Sign-On (SSO) and LDAP systems.
  • Hackers are selling approximately 6 million records, including usernames, encrypted passwords, and sensitive files.
  • CISA indicates that compromised credentials could be weaponised for escalating network access and conducting phishing campaigns.
  • Organisations are urged to reset passwords for affected services and monitor for suspicious activities.

Why should I read this?

If you’re in any organisation using Oracle’s systems, this is a must-read! The breach has potentially serious implications, and knowing the details can help you protect your data. The fact that CISA is involved means it’s something to take seriously, so save yourself some time and get clued up by diving into the details!