Oracle Informs Clients of New Data Breach Under FBI and CrowdStrike Investigation, Report Says, Oracle has notified certain clients that the FBI and cybersecurity firm CrowdStrike Holdings are investigating a recent data breach, according to a Bloomberg News report. The attacker reportedly demanded an extortion payment. Oracle clarified that this incident is separate from a previous hacking case it disclosed to healthcare clients last month.

Figure 1. Oracle Hit by Second Cyberattack: Client Login Data Stolen, Reports Bloomberg.

Oracle Reports Second Data Breach in a Month; Older Client Login Data Stolen

Oracle has informed customers that a hacker gained access to one of its computer systems and stole older client login credentials, Bloomberg News reported. The breach, currently under investigation by the FBI and cybersecurity firm CrowdStrike, involved an extortion attempt and is unrelated to a separate incident reported last month involving healthcare clients. Figure 1 shows Oracle Hit by Second Cyberattack: Client Login Data Stolen, Reports Bloomberg.

The stolen data, taken from cloud servers in Austin and posted for sale online in March, includes credentials dating as recently as 2024. According to Oracle, the compromised system has been in use for eight years, and the company assured customers that the breach did not affect Oracle Cloud services. “There has been no breach of Oracle Cloud,” the company stated, clarifying that no data was lost or accessed from its cloud platform.

Cybersecurity researchers at Trustwave Holdings confirmed the authenticity of the leaked data, describing it as a "rich dataset" that could be exploited for phishing attacks or account takeovers.

Oracle has reported a second cybersecurity breach in the span of a month, with hackers stealing older client login credentials from one of its systems, Bloomberg News reported. The incident is currently under investigation by the FBI and cybersecurity firm CrowdStrike Holdings and involved an attempted extortion. Oracle emphasized that the attack did not impact Oracle Cloud services, stating, “There has been no breach of Oracle Cloud.”

The breach, which exposed data including login credentials from as recently as 2024, affected a system in use for the past eight years. While Oracle stated that the risk to customers is minimal, cybersecurity researchers at Trustwave Holdings confirmed the stolen dataset's authenticity and warned it could be used for phishing or account takeovers.

This breach is separate from another incident reported late last month, in which hackers infiltrated a different Oracle system and stole patient data. According to Bloomberg, the attackers attempted to extort more medical providers in the U.S. In a March notification, Oracle informed some users of its patient records management software that, after January 22, hackers had accessed company servers and copied sensitive patient data to another location.

These two incidents mark a concerning trend for the cloud computing giant, as it faces heightened scrutiny over the security of its legacy systems and software used in critical sectors like healthcare.

Who is Oracle?

Oracle is a major U.S.-based technology company that provides software, cloud computing services, and database solutions to businesses, governments, and healthcare providers. Many organizations rely on Oracle to store and manage sensitive data.

What Happened?

Oracle has experienced a second cyberattack in a short period of time. This means hackers have once again managed to break into one of Oracle's computer systems.

What Was Stolen?

In this most recent breach, the login credentials (usernames and passwords) of some Oracle clients were stolen. This kind of data can be used by cybercriminals to gain unauthorized access to systems or services.

How Serious Is It?

While Oracle claims the breach did not affect Oracle Cloud, the stolen data could still pose risks. Security researchers have warned that this information could be used in phishing attacks or to hijack user accounts, especially if users reuse passwords across services.

Who Reported This?

The news comes from Bloomberg News, a reputable media outlet known for business and tech reporting. They sourced the information from internal communications and cybersecurity investigations involving the FBI and private firms like CrowdStrike.

Reference:

1. https://www.reuters.com/technology/cybersecurity/oracle-tells-clients-second-recent-hack-log-in-data-stolen-bloomberg-news-2025-04-02/
2. https://www.sunrisegeek.com/post/oracle-reports-second-recent-hack-client-log-in-data-compromised

Cite this article:

Priyadharshini S (2025), Oracle Reports Second Recent Hack; Client Login Data Compromised, Says Bloomberg News, AnaTechMaz, pp.121