Oracle admits second major security breach, user login data stolen

News
By published

It's old data, Oracle says

Oracle
(Image credit: Oracle)
  • Several reports claim a second Oracle data breach has occured
  • User login credentials were apparently stolen
  • Oracle allegedly told some customers that the data is almost a decade old

Oracle has apparently suffered its second cyberattack in a month, but the company is downplaying its importance.

A Bloomberg report citing two people familiar with the matter has claimed Oracle told some of its customers a threat actor compromised its IT infrastructure and stole client login credentials.

At the same time, Reuters is reporting that an unidentified threat actor tried to sell the stolen data on the dark web, claiming to have stolen it from Oracle’s Austin, Texas premises.

Monitor your credit score with TransUnion starting at $29.95/month

Monitor your credit score with TransUnion starting at $29.95/month

TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.

Preferred partner (What does this mean?)

View Deal

Old data

Bloomberg also reported that Oracle told some of its clients that the FBI was notified, and that CrowdStrike was brought in to investigate. Furthermore, the clients were notified that this is not the same incident that struck healthcare customers in March 2025. Finally, the attacker also tried to extort Oracle for the stolen data.

Oracle has hinted that the data isn’t that relevant, however, claiming that the compromised system was not used for eight years. Therefore, the conclusion is that the data found there is outdated and poses little risk.

However, there were Oracle customer login credentials from as recently as 2024.

We would say that leaked login data is always a problem, regardless of if it’s ten years, or ten days old. Besides, many organizations never change their login credentials, or reuse the same passwords across a myriad of other services, in which case such a database could prove a gold mine for brute-force or credential stuffing attacks.

At press time, Oracle has not yet addressed the media reports, but we have contacted the company for comment.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

More about security
DDoS attack

DDoS attacks are becoming a critical tool in geopolitical battles
A person holding a phone looking at a scam text with warning signs around

438 crypto masterminds are responsible for the majority of pump-and-dump crypto coin schemes globally, researchers find
Proton VPN new mobile app interface – promo image

Proton VPN unveils a major revamp to its Windows, iOS, and Android apps
See more latest
Most Popular
Proton VPN new mobile app interface – promo image
Proton VPN unveils a major revamp to its Windows, iOS, and Android apps
Nintendo Switch 2 SD cards
Yes, the Nintendo Switch 2 has more internal storage and supports expandable cards, but you'll need a specific type
Samsung Galaxy Watch 7 front
New Samsung Galaxy Watch 8 leak again confirms return of the Classic model
Two Squid Game season 2 contestants staring at each other
Netflix movies and shows are now available in over 30 languages – here's what you need to know
Google Pixel 9a
Google’s new Battery Health assistance will intentionally shorten your Pixel 9a’s battery life – and you can’t turn the feature off
iPhone 13
It's not just you – a weird iOS 18.4 bug is downloading random apps to some people’s iPhones
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
WordPress owner Automattic announces major layoffs
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
The Samsung Galaxy S25 Edge’s rumored delay could be due to technical issues, and there’s a chance it won’t launch at all
Mario Kart World
Nintendo confirms that certain Switch 2 game cards will just have a download key, but I don't think it's as bad as we first thought
An Nvidia GeForce RTX 4060 on a table with its retail packaging
Lenovo accidentally leaks Nvidia RTX 5060 Ti and 5060 models in a desktop PC, suggesting these GPUs are close to release