A major cyberattack has raised concerns about sensitive data from Oracle Cloud, a service companies use to manage their online systems. An attacker using the name “Rose87168” is selling six million stolen records from Oracle systems, according to Bengaluru-based CloudSEK.
However, Oracle denied any breach of its cloud infrastructure.
“There was no violation of Oracle Cloud,” the company said.
What happened?
The attacker claims to have infiltrated the Oracle Cloud login system by exploiting a security vulnerability, possibly associated with the Oracle WebLogic Server, which is used to run the login pages. CloudSEK, which discovered the breach, believes that the attacker used a previously unknown flaw to reach Oracle Cloud databases.
The attacker is reportedly demanding payment from the more than 140,000 affected companies in exchange for deleting their stolen data, and is asking others for help in cracking the encrypted passwords, offering rewards in return.
What was stolen?
According to CloudSEK's findings, the stolen data includes:
JKS files: These are the digital keys used to secure systems.
Encrypted SSO passwords: These are login passwords scrambled to make them more difficult to read, but they can still be cracked.
Key files: These are special files that allow access to secure parts of the system.
Enterprise Manager JPS: These are the tools used to manage and secure large companies' systems.
The attacker has also set up a social media account on X (formerly Twitter) and follows Oracle accounts, possibly to collect more information or monitor the situation.
Why is this dangerous?
This alleged breach is a big deal because:
Sensitive data has been leaked: The stolen information could allow attackers to break into company systems and steal more data.
Password risk: If the encrypted passwords are cracked, attackers can log in to other systems and cause more damage.
Blackmail: The attackers are pressuring companies to pay to avoid further harm, creating financial and reputational risks.
An unknown flaw in the system: The attacker may have used a flaw that Oracle did not know about, which could leave other systems open to attack.
Supply chain risk: The stolen files could allow attackers to target interconnected systems, affecting multiple companies.
What can companies do?
To protect themselves, companies must:
Change passwords immediately: Update all login credentials and make sure to use strong passwords. Enable multi-factor authentication (MFA) for additional security.
Investigate the breach: Check systems for any signs of unauthorized access and fix any weaknesses.
Monitor forums: Watch websites where attackers share stolen data to see whether their information is being discussed or sold.
Contact Oracle: Report the problem to Oracle and ask for advice on securing systems and applying any necessary updates.
Strengthen security: Limit access to sensitive systems to only the employees who need it, and improve monitoring tools to detect unusual activity.
First published: March 21, 2025 10:59 pm