Doubts emerge: So far so good regarding Oracle’s denials, except that the hacker subsequently shared data showing their access to login.us2.oraclecloud.com, a service that is part of the Oracle Access Manager, the company’s IAM system used to control access to Oracle-hosted systems.It also emerged that some of the leaked data appeared to be from 2024 or 2025, casting doubt on Oracle’s claim that it was old.So, was Oracle’s main OCI platform breached or not? Not everyone is convinced by the company’s flat denials. According to prominent security researcher Kevin Beaumont, the company was basically “wordsmithing” the difference between the Oracle Classic servers it admits were breached, and OCI servers, which it still maintains were not.”Oracle rebadged old Oracle Cloud services to be Oracle Classic. Oracle Classic has the security incident,” noted Beaumont in a dissection of the incident and Oracle’s response on Medium.”Oracle are denying it’s on ‘Oracle Cloud’ by using this scope but it’s still Oracle cloud services, that Oracle manage. That’s part of the wordplay.” Oracle had also quietly contacted multiple customers to confirm some kind of breach, he said.This leaves interested parties with the unsatisfactory sense that something untoward has happened, without it being clear what.For now, Oracle is sticking to its guns that its main OCI platform is not involved, but perhaps the confusion could have been avoided with better communication.Suffering a breach is hugely challenging for any organization but it sometimes pales beside the problems of communicating with customers, journalists, and the army of interested researchers ready to pick apart every ambiguity. Weeks on from the breach becoming public, those ambiguities have yet to be fully cleared up.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3959636/oracle-admits-breach-of-obsolete-servers-denies-main-cloud-platform-affected.html
