At CyberStreams, we specialize in protecting small businesses—law firms, universities, non-profits, and manufacturers—from the kind of cyber threats that escalate when tech giants fail to act responsibly. In early 2025, one of the biggest names in enterprise technology, Oracle, suffered not one but two major data breaches. Their response? Silence.

This lack of disclosure isn’t just alarming—it’s dangerous.

The Timeline of Trouble

On January 22, hackers breached Oracle Health, compromising patient data stored on outdated legacy servers. According to Bloomberg, attackers extorted U.S. medical providers using the stolen information.

Then on March 20, a hacker going by “rose87168” announced the theft of 6 million records from Oracle Cloud. The stolen data included SSO and LDAP credentials—exposing over 140,000 Oracle Cloud tenants, according to security firm CloudSEK. Despite strong evidence, Oracle has denied the breach and failed to report either incident to the U.S. Securities and Exchange Commission (SEC).

The Fallout

The Oracle Health breach, discovered on February 20, stemmed from stolen credentials used to access highly sensitive medical records. Hacker “Andrew” is now reportedly demanding millions in cryptocurrency from affected hospitals (BleepingComputer).

The second breach was even more sophisticated. It exploited a known vulnerability in Oracle Fusion Middleware, enabling attackers to extract sensitive data and create files directly on Oracle’s servers. Multiple victims have confirmed the stolen data is real—directly contradicting Oracle’s denial of any cloud compromise.

Under SEC rules effective since December 2023, Oracle was required to disclose these breaches by filing a Form 8-K within four business days. Their failure to do so not only violates federal regulations—it puts millions at risk.

What This Means for Your Business

Let’s be clear: this isn’t just Oracle’s problem. This is a wake-up call for every business that depends on third-party vendors to manage sensitive data.

If you’re a law firm, client confidentiality is now in jeopardy. A manufacturer could face supply chain attacks if credentials are compromised. As the 2024 Verizon DBIR report confirms, 74% of breaches involve stolen credentials—and Oracle’s silence turns a preventable crisis into a ticking time bomb.

At CyberStreams, we’ve seen how transparency (or the lack of it) directly impacts your ability to respond to threats. Oracle’s response delays action, multiplies risk, and leaves companies like yours exposed.

What You Should Do Now

Here are three critical next steps your business can take to protect itself:

1. Rotate Credentials Now
   Reset all passwords and SSO tokens for accounts linked to Oracle services.

2. Audit Third-Party Risks
   Review your vendors—especially Oracle—for compliance and potential security gaps. Don’t assume big names mean strong protection.

3. Monitor for Dark Web Leaks
   Scan for your data on the dark web. Leaked credentials often surface here first, giving you a crucial window to act.

Conclusion: Silence Is Not a Security Strategy

Oracle’s failure to come clean about these breaches isn’t just irresponsible—it’s dangerous. In today’s threat landscape, transparency and swift action are essential. When those we trust with our data fail us, the consequences can be catastrophic.

At CyberStreams, we don’t just watch from the sidelines—we help you take action. Whether it’s securing your credentials, auditing your vendors, or scanning the dark web for threats, we’re here to help you stay ahead of breaches—even when your vendors won’t admit to them.

Don’t wait for Oracle to do the right thing. Protect your business now.