Source URL: https://www.theregister.com/2025/03/23/oracle_cloud_customers_keys_credentials/
Source: The Register
Title: Oracle Cloud says it’s not true someone broke into its login servers and stole data
Feedly Summary: Despite evidence to the contrary as alleged pilfered info goes on sale
Oracle has straight up denied claims by a miscreant that its public cloud offering has been compromised and information stolen.…
Summary: Oracle has denied claims that its public cloud has been compromised, after a seller on a cyber-crime forum offered allegedly stolen customer credentials. The report points to a potential vulnerability in Oracle’s systems that may have gone unaddressed, underscoring the importance of vigilance in cloud security.
Detailed Description:
The provided text details an incident involving Oracle Cloud and claims of a data breach. Key points include:
– **Denial of Breach Claims**: Oracle has publicly rejected allegations that its cloud service has been compromised, asserting that no customer data has been stolen.
– **Alleged Data for Sale**: A cybercriminal claimed to have accessed customer security keys and other sensitive data, purportedly obtained from an Oracle Cloud single-sign-on (SSO) server.
– **Vulnerability Exploitation**: The report points to a critical vulnerability (CVE-2021-35587) in Oracle’s Fusion Middleware and suggests it may not have been patched, which would allow access to sensitive information through an unauthenticated exploit.
– **Scale of Potential Impact**: The seller claims that six million records, including security certificates and encrypted passwords, are for sale on a cyber-crime forum, potentially affecting thousands of customers.
– **Threats and Ransom**: The cybercriminal sought $200 million in cryptocurrency for information about the alleged theft and hinted at additional services such as removing employees’ information for a price.
– **Community Interaction**: The attacker asked for help decrypting the encrypted SSO and LDAP passwords, which suggests the passwords could not yet be read in the form in which they were offered.
**Key Insights:**
– The incident illustrates how much cloud security depends on patching known vulnerabilities.
– Organizations using cloud services must be vigilant in addressing security flaws and ensure that their systems are regularly updated to mitigate risks.
– The existence of a marketplace for stolen data and the negotiation tactics of cybercriminals emphasize the ongoing threats faced by enterprises.
This situation serves as a reminder for security professionals to reinforce protective measures, stay informed about vulnerabilities, and maintain compliance with best practices in incident response and data protection.