CyberSecurity news


Dissent@DataBreaches.Net //
A data breach at Oracle Health has impacted multiple healthcare organizations and hospitals across the United States. The breach involved a threat actor gaining unauthorized access to legacy servers and stealing patient data. The incident, which occurred on February 20, 2025, was initially discovered by Oracle Health, formerly known as Cerner, but was only publicly disclosed by BleepingComputer on March 28, 2025, after Oracle Health failed to respond to requests for comment.

The compromised data includes sensitive information from electronic health records, single sign-on credentials, Lightweight Directory Access Protocol passwords, OAuth2 keys, and tenant data. It is believed that the breach was facilitated through the use of compromised customer credentials, aligning with known attack techniques. The implications for healthcare organizations are substantial, particularly concerning compliance with HIPAA regulations, and could lead to legal repercussions and financial penalties for affected entities.

Oracle Health is facing criticism for its lack of transparency regarding the incident. The company is reportedly telling hospitals that it will not notify patients directly, placing the responsibility on the hospitals to determine whether the theft of the data violates HIPAA. However, Oracle Health has committed to assisting in identifying impacted individuals and to providing templates to help with notifications.



References:
  • bsky.app: Oracle Health breach compromises patient data at US hospitals
  • BleepingComputer: A breach at Oracle Health impacts multiple U.S. healthcare organizations and hospitals after patient data was stolen from legacy servers.
  • Rescana: Executive Summary: The Oracle Health data breach significantly impacted multiple US healthcare organizations and hospitals by...
  • DataBreaches.Net: Oracle Health breach compromises patient data at US hospitals
  • The DefendOps Diaries: The Oracle Health breach highlights urgent need for healthcare IT modernization to protect patient data and comply with regulations.
  • Lobsters: Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid.
  • bsky.app: A breach at Oracle Health impacts multiple U.S. healthcare organizations and hospitals after patient data was stolen from legacy servers.
  • DataBreaches.Net: Oracle customers confirm data stolen in alleged cloud breach is valid
  • BleepingComputer: A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers.
  • SecureWorld News: Alleged Oracle Cloud Breach Triggers Industry Scrutiny, Supply Chain Concerns
  • BleepingComputer: A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers. This is not related to the alleged Oracle Cloud breach.
  • aboutdfir.com: Oracle customers confirm data stolen in alleged cloud breach is valid Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid.
  • www.cybersecuritydive.com: Cybersecurity firms brace for impact of potential Oracle Cloud breach
  • Rescana: The Oracle Cloud breach resulted in the unauthorized access and alleged theft of 6 million records from Oracle's SSO and LDAP services,...
  • bsky.app: A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers. This is not related to the alleged Oracle Cloud breach.
  • Risky Business Media: Oracle’s Health Tech division gets hacked and its customers extorted, the Italian government admits it used Paragon to spy on an NGO, a WordPress feature is being abused to silently install malicious plugins, and the Dutch public prosecutor pulls systems offline after a cyber incident.
  • DataBreaches.Net: Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
  • techxplore.com: Oracle warns health customers of patient data breach
  • www.healthcareitnews.com: Oracle Health customers notified of data compromise, reports say
  • Techzine Global: Hackers have gained access to Oracle’s computer systems. They stole patient data to extort money from several American healthcare providers, as evident from a message that the company sent to its customers. The FBI has launched an investigation.
  • aboutdfir.com: Infosec News Nuggets: Oracle Health breach compromises patient data.
  • hackread.com: Oracle Hit with Lawsuit Over Alleged Cloud Breach Affecting Millions
  • : Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed
  • techcrunch.com: Oracle has denied at least one breach, despite evidence to the contrary, as it begins notifying healthcare customers of a separate patient data breach.
  • www.csoonline.com: Oracle warns customers of health data breach amid public denial
  • The420.in: Oracle has informed customers of a second cybersecurity breach in recent weeks, involving the theft of older client login credentials. The incident, which is under investigation by the FBI and cybersecurity firm CrowdStrike, marks another challenge for the tech giant’s cloud infrastructure security.