Oracle has since requested Wayback Machine (Archive.org) to take down the archived URL. Independent cybersecurity researchers are taking to the internet to criticize Oracleās efforts at coverup. Meanwhile, the threat actor posted a long video of an internal Oracle meeting, presumably from the breach, solidifying their claims.
āIn cybersecurity, denial doesnāt neutralize the danger, transparency does,ā CloudSEK co-founder and CEO Rahul Sassi told CSO. āThis investigation is not about blame, itās about accountability. Itās about empowering every security team, every customer, and every vendor in the supply chain to act before attackers do.ā Affected data from the breach included JKS files, encrypted SSO passwords, key files, and enterprise manager JPS keys, according to CloudSEK. While SSO passwords could be cracked with other breached files, LDAP passwords were encrypted and the threat actor, in their post, sought help with decoding them in exchange for some compromised data.
