Oracle Health denies cloud breached as second attack confirmed

Chad Van Alstin | | Health Exec | Cybersecurity
cybercrime

Oracle Health has denied claims that its cloud was breached by hackers, telling customers in a letter that media reports to the contrary are false.

Bloomberg has seen the letter, quoting it as saying: “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data.”

However, citing sources familiar with the matter, the outlet provided new details about the breach. According to their coverage, the hack involved multiple incidents, with Oracle customer login credentials taken from a company server during the breaches.

According to the source, the credentials taken by the criminals date to as recently as last year. Stolen information included usernames, passkeys and encrypted passwords.

It is not yet clear if protected patient data was stolen, despite Oracle sending a notice to hospitals and health systems alerting them to the first breach.

Oracle is reportedly working with the FBI and CrowdStrike, a cybersecurity firm, to conduct an investigation.

BleepingComputer was the first to break the news, reporting Oracle informed its customers that the initial breach was identified in February and was limited to a legacy Cigna server, implying that it was only operational before Cigna’s transition into Oracle Health. The EHR vendor was acquired by Oracle in 2022.

Hospitals and health systems have since been extorted by a nefarious actor calling himself “Andrew,” who threatened to leak stolen data online if a ransom was not paid in cryptocurrency.

A blog post from cybersecurity research firm Trustwave claims the data is already for sale on the dark web. Further, despite Oracle’s denial, the firm stated that the data appears to be user information from within the Oracle Cloud.

HealthExec has reached out to Oracle Health for clarification but has yet to receive a response.

The methods of attack and full scope of the breaches remains unknown. 

More Cybersecurity News:

Data breach at Oracle Health leads to extortion of hospitals
Change Healthcare files to have federal lawsuits dismissed
ChatGPT exploit could cause data breaches in healthcare, experts warn
Lehigh Valley Health Network to pay $65M after nudes of patients leaked online
Report: Ransomware landscape changing, attacks down 16% since 2023
Chad Van Alstin Health Imaging Health Exec
Chad Van Alstin

Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.

Related Content

Cyberattack on nonprofit health system triggers scam calls to patients
Epic sued over alleged 'scheme to destroy' managed care company
Amazon One Medical employees viewed health data of man in wrongful death case
Independent provider group hit by cyberattack, delays patient care
Blue Shield’s advertising integration exposes data on 4.7M members to Google
Cyberattack on Yale New Haven Health exposes 5.6M patients

Around the web

Cardiovascular Business
Cardiology employment models undergoing a dramatic shift

Gerald G. Blackwell, MD, MBA, MedAxiom's president and CEO, examined how different cardiology employment models look today compared to even a decade ago.

Cardiovascular Business
Original Banksy artwork headed to auction—proceeds will help fund heart research

The piece in question, which features a red heart-shaped balloon, has an unusual origin story, even by Banksy’s standards. 

Cardiovascular Business
Cardiology groups among the many voices asking Congress not to cut Medicaid

More than 40 U.S. healthcare organizations are urging Congress not to make sweeping Medicaid cuts that could result in approximately 7.6 million Americans losing health insurance.