Home » Other » General » Supposed OCI data breach
Supposed OCI data breach [message #690332] Wed, 26 March 2025 11:51 Go to next message
John Watson
Messages: 8974
Registered: January 2010
Location: Global Village
Senior Member
There has been a lot of noise about Oracle OCI being hacked, it all starts with this:

https://www.cloudsek.com/blog/the-biggest-supply-chain-hack-of-2025-6m-records-for-sale-exfiltrated-from-oracle-cloud-affecting-over- 140k-tenants

Uncle Oracle denies it,

https://www.theregister.com/2025/03/23/oracle_cloud_customers_keys_credentials/

To me, it seems unlikely that the story is correct. It is predicated on the "fact" that an internet facing OCI service was running on WebLogic 11. Out of support for years. I would be astonished if that could even run current versions of related products.

However, I am having to deal with requests from customers to change all passwords and keys pronto and of course I have to do this. Any thoughts? Could the story be true, or could it be some idiot trying to get clicks by publishing rubbish?


Re: Supposed OCI data breach [message #690334 is a reply to message #690332] Thu, 03 April 2025 13:53 Go to previous message
Frank Naude
Messages: 4596
Registered: April 1998
Senior Member
We were asked to change our passwords. However, it is unlikely to be true. Even if you give someone your OCI password, they would not be able to log in without you authorizing the connection through 2FA.
Previous Topic: MOS and MFA
Next Topic: Monitoring Oracle
Goto Forum:
  


Current Time: Wed Apr 23 15:55:41 CDT 2025