Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Oracle says “nope” to hacker’s data breach claims

The alleged haul includes encrypted SSO passwords, Java keystore (JKS) files, key files, enterprise manager JPS keys, and more.

byKerem Gülen
March 25, 2025
in Cybersecurity, News
Home News Cybersecurity

Oracle is pushing back against claims of a cyberattack after a hacker boasted about stealing millions of records from the company’s servers. The data, allegedly swiped from Oracle’s Cloud federated SSO login servers, surfaced on the dark web in mid-March 2025.

The threat actor, going by the alias rose87168, posted an archive containing 6 million data records, including a sample database, LDAP information, and a list of companies.

Oracle, however, flatly denied the breach, stating, “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data.”

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

Encrypted SSO passwords

Rose87168 is now trying to sell the archive, demanding either an undisclosed sum or zero-day exploits in return.

The alleged haul includes encrypted SSO passwords, Java keystore (JKS) files, key files, enterprise manager JPS keys, and more. The hacker claims, “The SSO passwords are encrypted, they can be decrypted with the available files. also LDAP hashed password can be cracked.”


Orange Group data breach: Every step explained


Rose87168 added, “Companies can pay a specific amount to remove their employees’ information from the list before it’s sold.” and mentioned that all companies involved will be listed.

Prior to peddling the stolen archive, rose87168 apparently tried to squeeze 100,000 XMR (Monero) out of Oracle. Still, negotiations fell apart since the company demanded details to “fix and patch,” and since the threat actor allegedly did not share them.

The threat actor reportedly showed BleepingComputer a URL for Internet Archive as proof. This showed that they had sent a.txt file holding their email address to the login.us2.oraclecloud.com server.


Featured image credit

Tags: Oracle

Related Posts

Nvidia and OpenAI announce landmark 0 billion partnership, igniting global stock rally

Nvidia and OpenAI announce landmark $100 billion partnership, igniting global stock rally

September 23, 2025
Perplexity Max gets email assistant for Gmail and Outlook

Perplexity Max gets email assistant for Gmail and Outlook

September 23, 2025
Germany seeks to block Apple, Google from EU’s FiDA

Germany seeks to block Apple, Google from EU’s FiDA

September 23, 2025
Created by Humans licenses author content to AI firms

Created by Humans licenses author content to AI firms

September 23, 2025
Sentinelone finds malterminal malware using OpenAI GPT-4

Sentinelone finds malterminal malware using OpenAI GPT-4

September 23, 2025
FBI warns of fake IC3 websites stealing data

FBI warns of fake IC3 websites stealing data

September 23, 2025

LATEST NEWS

Nvidia and OpenAI announce landmark $100 billion partnership, igniting global stock rally

Perplexity Max gets email assistant for Gmail and Outlook

Germany seeks to block Apple, Google from EU’s FiDA

Created by Humans licenses author content to AI firms

Sentinelone finds malterminal malware using OpenAI GPT-4

FBI warns of fake IC3 websites stealing data

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.