The Oracle legacy breach and the future of cloud data protection
According to sources, Austin-based Oracle Corporation experienced two data breaches this year.
One of those allegedly occurred in early 2025, when a threat actor using the alias rose87168 claimed to have infiltrated a legacy Oracle Cloud Classic environment. Oracle initially denied any breach occurred, as reported by several news organizations.
According to the threat actor, the breach began with the compromise of an unpatched Oracle Cloud Classic server—part of Oracle’s Gen1 infrastructure. In an email exchange with BleepingComputer, the attacker said they used “a public CVE (flaw) that does not currently have a public PoC or exploit.”
