Oracle—Suffered major cloud security breach affecting 140,000 tenants and allegedly delayed notification
In January 2025, Oracle Cloud suffered a significant security breach exploiting a Java vulnerability. An attacker deployed malware into Oracle's Identity Manager database, exfiltrating sensitive authentication data including usernames, hashed passwords, SSO credentials, and LDAP passwords from over 140,000 Oracle Cloud tenants. Multiple lawsuits filed in March-April 2025 alleged Oracle intentionally withheld information about the breaches, with substantial delays violating mandatory notification requirements.
Scoring Impact
| Topic | Direction | Relevance | Contribution |
|---|---|---|---|
| Corporate Transparency | -against | secondary | -0.50 |
| Data Security | -against | primary | -1.00 |
| Overall incident score = | -0.322 | ||
Score = avg(topic contributions) × significance (high ×1.5) × confidence (0.57)× agency (negligent ×0.5)
Evidence (1 signal)
Multiple lawsuits filed alleging Oracle concealed cloud security breaches affecting 140,000+ tenants
In early 2025, Oracle Cloud suffered a significant security breach exploiting a Java vulnerability to deploy malware into Oracle's Identity Manager database. Attackers exfiltrated usernames, hashed passwords, SSO credentials, and LDAP passwords from over 140,000 tenants. Lawsuits allege Oracle intentionally withheld breach information, violating mandatory notification requirements. CISA issued guidance in response.