A hacker operating under the alias “rose87168” has claimed responsibility for a significant security breach of Oracle Cloud Infrastructure, alleging the theft of approximately 6 million records associated with over 140,000 tenants. The compromised data reportedly includes sensitive information such as Java KeyStore files, encrypted Single Sign-On passwords, and Lightweight Directory Access Protocol credentials.

Despite these assertions, Oracle has publicly denied any breach of its cloud services. However, cybersecurity researchers have presented evidence supporting the hacker’s claims. Analyses suggest that the breach may have exploited a critical vulnerability in Oracle Access Manager, specifically CVE-2021-35587, allowing unauthorized access to sensitive data.

Further complicating the situation, reports indicate that Oracle has informed clients of a separate recent hack involving the theft of old customer login credentials. This incident, reportedly under investigation by the FBI and cybersecurity firm CrowdStrike, is said to be unrelated to the current allegations.

As investigations continue, Oracle Cloud users are advised to remain vigilant, monitor their accounts for unusual activity, and consider updating their security credentials to mitigate potential risks.