Earlier this month, a threat actor going by Rose87168 claimed to have breached Oracle Cloud’s federated SSO servers and exfiltrated around 6 million records, affecting over 144,000 Oracle clients. The hacker provided an internal customer list and threatened to sell the data unless clients paid to remove their data from the trove, which included single sign-on credentials, Lightweight Directory Access Protocol passwords, OAuth2 keys, tenant data, and more. Rose87168 has also solicited help from the hacking community to crack the hashed password in trade for some of the data.
Ok, who of you guys is working with Oracle Cloud and has not yet rerolled all API/Access Keys, passwords and so on? And what company do you happen work for? ^Just asking for a friend^
Omg we have the same friend! Also no 😬