Austin, Texas — Oracle Corporation has notified its clients about a second cybersecurity breach within the past month, according to a report by Bloomberg News. The breach involved a hacker infiltrating an older Oracle system and stealing login credentials from customer accounts, some dating back to as recently as 2024.
The tech company reportedly told customers that a legacy environment—a system no longer in active use for about eight years—had been accessed by an attacker. Although Oracle assured clients that the environment had been dormant, the data taken included valid login credentials, posing a potential security risk, especially if users had not updated or deactivated those accounts.
This follows a previous breach last month, where an unidentified person attempted to sell stolen Oracle data online, leading to internal investigations. That incident, too, involved data taken from Oracle’s cloud servers based in Austin, Texas.
ALSO READ: Now Open: Pan-India Registration for Fraud Investigators!
Oracle disclosed to some clients that the Federal Bureau of Investigation (FBI) and cybersecurity company CrowdStrike Holdings are currently investigating the latest incident. The attacker is believed to have demanded an extortion payment, sources told Bloomberg.
Importantly, Oracle has stated that the two breaches are unrelated. The earlier breach impacted certain healthcare sector clients, while this one stemmed from an older, inactive system, the company claimed.
While Oracle has not issued a public statement yet, Reuters reported that the company informed clients directly and emphasized that the impact is limited due to the age of the system involved.