Posted On March 31, 2025 Consumer Privacy & Data Breaches
March 31 – The Oracle data breach lawyers at Console & Associates, P.C are investigating the data breach that was reported after the company was targeted in recent cyber security attacks. The Oracle data breaches potentially resulted in unauthorized access to sensitive patient information and other confidential data of certain individuals being compromised. In one of the incidents, it is believed to have impacted as many as six million records, according to claims from the unauthorized party.
According to reports from BleepingComputer, Oracle has experienced two separate data security incidents affecting different parts of its business operations.
The first incident involves Oracle Health (formerly Cerner), the company’s healthcare division that provides electronic health record technology to hospitals and medical facilities. Oracle Health discovered unauthorized access to their systems on February 20, 2025. Forensic investigators determined that the breach began a month earlier, on January 22, 2025, when an unknown party used stolen credentials to access a legacy Cerner server and extract data that potentially contained sensitive patient information.
The second incident reportedly involves Oracle Cloud infrastructure. An unauthorized party claims to have exploited a vulnerability in Oracle Access Manager to gain access to an Oracle Cloud server last month. The party alleges they exfiltrated approximately six million records from this server. While several companies have confirmed that sample data contains genuine information related to their accounts, Oracle has denied any breach of its Cloud platform, stating that none of the leaked credentials relate to Oracle Cloud.
While Oracle has not yet made public announcements regarding either incident, the company has begun privately notifying affected healthcare providers about the Oracle Health breach. If the company’s investigation confirms that consumer information was exposed in either incident, Oracle will be required to send out data breach notification letters to all affected individuals.
Oracle Corporation is a global technology enterprise that delivers a comprehensive suite of software solutions, cloud systems, and database technologies. Established in 1977 and currently headquartered in Austin, Texas, Oracle has evolved from its origins as a database software company into a diversified technology provider.
The company’s core business includes enterprise software products including database management systems, enterprise resource planning (ERP) software, customer relationship management (CRM) applications, and supply chain management solutions. Following its acquisition of Cerner in June 2022 (now rebranded as Oracle Health), the company expanded significantly into the healthcare technology sector, providing electronic health record systems to medical facilities worldwide.
Oracle’s cloud computing division offers Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) solutions to businesses across various industries. The company maintains a global workforce of approximately 143,000 employees and reported annual revenues of $49.9 billion in fiscal year 2023.
Our data breach lawyers are eager to speak to victims of the Oracle data breach to determine what damages they sustained and what compensation may be available to them. If you recently received a NOTICE OF DATA BREACH from Oracle and would like a free consultation, contact the Console & Associates, P.C. law firm at (866) 778-5500 to discuss your legal options, or submit a confidential contact form.
