Tech giant Oracle is under intense scrutiny following reports of two separate security incidents, one involving Oracle Health and another concerning Oracle Cloud servers. Despite mounting evidence and growing concerns, the company has been largely silent, with critics accusing it of downplaying the severity of the breaches.
Oracle Health Breach Puts Patient Data at Risk
The more recent breach involves Oracle Health, the healthcare technology arm formed after Oracle’s $28 billion acquisition of Cerner in 2022. The breach reportedly compromised patient data, though the extent of the exposure remains unclear.
According to reports from Bloomberg and Bleeping Computer, Oracle informed some healthcare clients in March that hackers had gained unauthorized access to legacy servers and stolen sensitive information.
“We are writing to inform you that, on or around February 20, 2025, we became aware of a cybersecurity event involving unauthorized access to some amount of your Cerner data that was on an old legacy server not yet migrated to the Oracle Cloud,” read Oracle’s notification to affected customers.
Cybercriminals are now attempting to extort hospitals, demanding millions in ransom in exchange for the stolen data, according to multiple sources.
Lack of Transparency Fuels Concerns
An anonymous Oracle employee revealed to TechCrunch that even internal teams were left in the dark about the breach.
“My team was not able to access customers’ environments for a number of days. My concern is not just with the patient data breach. Access through hosts allows any and all access to what is hosted, obviously,” the employee said.
Beyond health records, the compromised servers may have housed HR and financial data, raising broader security concerns. The employee added that they had to rely on Reddit and internal Slack channels for information, claiming Oracle leadership dismissed the issue internally.
“I felt super ignored. The attitude was: ‘Nothing to see here, move right along.’”
While some teams were eventually given official communication guidelines for clients, the lack of immediate transparency has sparked outrage.
Oracle Cloud Breach Allegations Intensify
Separate from the Oracle Health breach, another major security concern has emerged regarding Oracle Cloud servers. In this case, Oracle has outright denied that a breach took place, despite growing evidence to the contrary.
Earlier this month, a hacker using the alias “rose87168” claimed to have obtained data from 6 million Oracle Cloud users, including authentication details and encrypted passwords. The hacker even uploaded proof on an Oracle Cloud server, further raising suspicions.
Despite this, Oracle maintains that its cloud platform remains secure, stating:
“There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data.”
However, multiple Oracle Cloud customers have since verified that the leaked credentials match their own, contradicting Oracle’s denial.
Cybersecurity Experts Call Out Oracle’s Response
Cybersecurity expert Kevin Beaumont criticized Oracle’s response, calling it an attempt to “wordsmith” statements rather than acknowledge responsibility.
“This is a serious cybersecurity incident that impacts customers in a platform managed by Oracle,” Beaumont wrote in a blog post.
“Oracle needs to clearly, openly, and publicly communicate what happened, how it impacts customers, and what they’re doing about it.”
Security researcher Lisa Forte echoed these concerns, writing on Bluesky:
“If this ends up being true, and I struggle to see how it won’t, this is a very, very bad look.”
What’s Next for Oracle?
With two high-profile security incidents unfolding simultaneously, Oracle is facing mounting pressure to address concerns transparently. If the company continues to downplay the situation, it risks damaging its reputation, customer trust, and regulatory standing.
Cybersecurity professionals, affected clients, and industry analysts will be watching closely to see whether Oracle steps up, or if customers start stepping away.
