Oracle attempt to hide cybersecurity incident from customers?

Oracle told Bleeping Computer, and customers, “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data” The threat actor then posted an archive.org URL and provided it to Bleeping Computer, strongly suggesting they had write access to login.us2.oraclecloud.com, a service using Oracle Access Manager. This server is entirely managed by Oracle: Oracle have since requested Archive.org take down the proof: The threat actor then provided a several hour long recording of an internal Oracle meeting, complete with Oracle employees talking for two hours: The meeting is viewable here and the transcript is here: https://github.com/j-klawson/oracle_breach_2025/blob/main/youtube_video_transcript.txt The two hour video includes things like accessing internal Oracle password vaults, and customer facing systems: I’ve masked the root passwords of Oracle’s systems Both Hudson Rock and Bleepin ... Read full article.