Oracle's Data Breach Response Sparks Transparency Concerns

03/31/2025 Security

Tech giant Oracle is facing intense scrutiny over its handling of two separate data breaches, raising serious questions about transparency and customer communication. One breach involves Oracle Health, its healthcare subsidiary, while the other concerns Oracle Cloud servers. Despite mounting evidence, Oracle's response has been met with skepticism and calls for greater accountability.

Oracle Health Breach Exposes Patient Data

The more recent breach involves Oracle Health, which integrates Cerner's electronic health records. Reports indicate that hackers accessed Oracle servers, potentially stealing sensitive patient data. While the exact scope and affected organizations remain unclear, Oracle reportedly notified some healthcare customers in March about the incident, which occurred around February 20, 2025.

According to Bleeping Computer, the notification stated that unauthorized access was gained to Cerner data on a legacy server not yet migrated to the Oracle Cloud. Disturbingly, reports suggest that hackers are attempting to extort affected hospitals, demanding significant sums of money.

Internal Concerns and Lack of Transparency

An anonymous Oracle employee revealed a lack of internal transparency regarding the breaches. The employee stated that their team was unable to access customer environments for several days and expressed concern about the potential access to sensitive data, including HR and finance information. The employee also felt "super ignored" and had to rely on external sources like Reddit and internal Slack channels for information.

Oracle Cloud Breach: Denial and Skepticism

The second breach involves Oracle Cloud servers, where a hacker offered data of 6 million Oracle Cloud customers, including authentication data and encrypted passwords. The hacker even provided proof by hosting a text file on an Oracle Cloud server. Despite confirmations from Oracle customers that the shared data samples appeared genuine, Oracle has denied any breach of Oracle Cloud.

This denial has been met with strong criticism from cybersecurity experts. Kevin Beaumont, a cybersecurity expert, asserted that Oracle is using specific wording to avoid responsibility and called for clear, open, and public communication about the incident and its impact on customers.

Expert Opinions and Calls for Accountability

Cybersecurity expert Lisa Forte echoed these concerns, stating that if the breach is confirmed, it would be a "very, very bad look" for Oracle. The situation underscores the importance of transparency and accountability in the face of cybersecurity incidents. As Beaumont put it, it's time for Oracle to "step up" and address these concerns, or risk losing the trust of its customers.