🔥 Oracle’s Hack: Denial, Deletion, and Data Leaks 🔥

What’s shaping up to be one of the messiest cyber incidents of the year has Oracle under fire — not just for being breached, but for how it's handling the aftermath.

🧨 The spicy part:

In March 2025, a hacker going by “rose87168” put 6 million Oracle customer records up for sale on BreachForums. We're talking usernames, encrypted SSO and LDAP credentials, Java Keystore files, and Enterprise Manager keys.

Oracle’s response? A flat-out denial, telling BleepingComputer:

“There has been no breach of Oracle Cloud.”

But… that didn’t age well.

🔍 Leaks validated

Cybersecurity firms like Trustwave and CybelAngel confirmed the leaked data as authentic.

Meanwhile, Oracle Health customers began leaking internal memos acknowledging that legacy Cerner systems were affected — systems still waiting to be migrated to the cloud.

🧽 Evidence wiped?

Top infosec voices like Kevin Beaumont and Jake Williams claim Oracle used the Internet Wayback Machine exclusion process to remove content related to the breach.

Not only was Oracle’s response vague and semantic (splitting hairs between “Oracle Cloud” and “Oracle Cloud Classic”), but the attempt to erase digital footprints has sparked backlash across the security community.

❌ Denial, deception, destruction

The unholy trinity of what not to do in breach response.

📉 Reputational fallout

Clear, honest, and transparent communication matters — especially when customers, regulators, and the entire cybersecurity community are watching.

👉 At Galink, we help companies assess, monitor, and anticipate vendor-related risks through a simple, effective, and continuous Vendor Risk Management solution.

Because today, your trust chain is only as strong as its weakest link.