Oracle Reveals Second Security Breach in a Month with Customer Credential Theft

The tech giant confirms unauthorized access to a legacy system and warns users about the potential risks of password reuse.

Oracle Corporation has confirmed a new cybersecurity breach, the second in less than a month, after detecting unauthorized access to an obsolete computer system and the theft of login credentials belonging to customers. The incident, reported in early April 2025, follows a prior breach that affected the healthcare sector, raising serious concerns about the company’s cyber resilience.

An Aging Environment, But Not Harmless

The company has detailed that the compromised system was a legacy environment that had been inactive for approximately eight years. The stolen data includes usernames, access keys, and encrypted passwords, some of which date back to 2024. Although Oracle claims that, due to the age and obsolescence of the system, the associated risk is minimal, cybersecurity experts insist that the threat should not be underestimated.

The primary risk lies in password reuse. If the extracted credentials are used on other platforms or services, they could be exploited by cybercriminals in credential stuffing attacks, a common technique that relies on old data to access modern systems.

Ongoing Investigation and Alleged Extortion Attempt

Oracle has indicated that the FBI and the security firm CrowdStrike are collaborating on a thorough investigation. According to sources close to the case, the attacker allegedly attempted to extort the company by demanding a ransom for the stolen data, though no details have been disclosed regarding the nature of the demands or whether the company has complied.

Separate yet Concerning Breaches

Oracle has emphasized that this incident is not related to the previous security breach, revealed in March, in which patient data of healthcare sector clients was affected. That case also involved an intrusion into data storage systems containing sensitive information.

Both breaches occur at a critical time when large organizations are facing a sustained increase in cyberattacks, calling into question the effectiveness of security policies of tech giants with years of industry experience.

Recommendations for Customers

While Oracle maintains that the stolen credentials should not pose an active threat, experts agree that it is crucial to act cautiously. Recommended measures include:

  • Change the passwords for associated accounts, especially if reused across different platforms.
  • Implement multi-factor authentication (MFA) to enhance access security.
  • Review the use of password managers to avoid insecure patterns and facilitate the use of unique keys.
  • Monitor for any unusual activity on accounts related to Oracle or other business services.

Conclusion

The double exposure in less than 30 days puts Oracle at the center of the debate regarding the management of legacy systems and the security of sensitive information. As investigations progress, the company will have to redouble its efforts to restore trust among its customers and partners. For their part, affected organizations should review their internal security policies and evaluate the potential exposure of their data, even when it is part of seemingly unused systems.