Best Reviews logo
Best products
Best VPN Services of 2025 Best Password Managers of 2025 Best VoIP Systems of 2025 Best Online Fax Services of 2025 Best Mac Optimization Apps of 2025
VPN
NordVPN Surfshark IPVanish ExpressVPN CyberGhost VPN All reviews
Password managers
RoboForm LastPass 1Password Keeper NordPass All reviews
VoIP
RingCentral 800.com Nextiva VoiPLy Talkroute All reviews
Mac optimization
CleanMyMac MacKeeper MacBooster CCleaner All reviews
Faxing
eFax FAX.PLUS MetroFax MyFax SRFax All reviews
Medical alerts
Medical Guardian MobileHelp LifeFone Medical Alert Lifeline All reviews
Background checks
TruthFinder Spokeo PeopleFinders Intelius Instant Checkmate All reviews
Webinars
EverWebinar WebinarJam Demio Livestorm Zoho Webinar All reviews
AI
BetterPic Grammarly SaneBox Manychat Freshchat
Disclaimer: We sustain our work & review products through paid collaborations.
Best Reviews
Oracle Suffers Second Massive Data Breach Within One Month

Oracle Suffers Second Massive Data Breach Within One Month

By Daniel C. Daniel C. | Verified  Mary P. Mary P.
Discussions
Last updated:

Oracle allegedly told some of its customers that it suffered a second major data breach, in which the bad actor stole old client log-in credentials, as reported by Bloomberg on April 2nd.

This news comes just a month after a hacker with the handle “rose87168” was caught by CloudSEK’s XVigil selling six million records exfiltrated from Oracle Cloud’s SSO and LDAP – considered the biggest supply chain of 2025 (so far).

The database from the first attack (reported on March 21st) contained information on JSK files, encrypted SSO passwords, key files, and enterprise manager JSP keys, affecting over 140,000 tenants.

Big data technology

Although Oracle completely denied the breach, CloudSEK published further evidence in a later post.

When it comes to the second attack, Oracle reported that the stolen credentials were from a server that hadn’t been operating for several years. However, the report mentioned that some of the credentials are from 2024.

Protecting your business from these data breaches

Considering how Oracle has been responding to these data breaches, we can’t say for certain that the company is taking good care of its customers’ data.

We all know that a data breach can break a business (especially smaller ones), so it’s imperative to take matters into your own hands.

Cyber security

If you’re an Oracle user, the first steps you should take are:

  • Change all SSO, LDAP, and associated passwords.
  • Enforce multi-factor authentication in your team.
  • Investigate thoroughly if there has been any unauthorized access and mitigate risks.
  • Contact your customers and let them know what is happening. Send out updates as you find new information and reassure them you’re doing everything in your power to understand the extent of the breach.
  • Monitor the dark web and forums to keep track of updates in the leaked data.

Oracle is just one of the many companies suffering data breaches. Since we can’t stop using cloud tools and develop everything in-house, we recommend reading our quick guide on how to protect your business from supply chain attacks.

Daniel C.
Daniel C.

At age five, Daniel had his first contact with a computer. Since then, his love for technology has never wavered. Although he graduated in Management, it was only when he created his Anime blog that he fell in love with content management. Five years later and he’s now the Content Manager at Best Reviews. When not getting trophies on PlayStation or watching Anime, you’ll find Daniel either reading a good book, gardening, or at the beach getting a tan.

View more from this author

Discussions

Share your thoughts, ask questions, and connect with other users. Your feedback helps our community make better decisions.

©2012-2025 Best Reviews, a clovio brand – All rights reserved