Oracle Confirms Cybersecurity Breach Involving Legacy Gen 1 Servers

Oracle confirmed the breach of their Gen 1 server system which exposed credentials thus raising significant concerns about legacy system security alongside cloud infrastructure security.

The Gen 1 server systems of Oracle Corporation experienced a cybersecurity breach as the company has dealt with its second disclosed incident within recent weeks. The disclosure of the breach first came from a hacker on Breachforums who revealed possession of 6 million data records that included usernames along with hashed passwords and specific credentials including SSO and LDAP information.

Through Java vulnerability from 2020 rose87168 succeeded in breaking into Oracle's Identity Manager Database leading to a malware deployment. Security experts verified the validity of the stolen part of data that Oracle confirmed remained out of storage for more than 16 months and included no complete Personally Identifiable Information (PII).

The Gen 2 servers together with core Oracle Cloud systems have not been touched in the security incident. According to cybersecurity firm CybelAngel Oracle submitted a disclosure about the breach which showed unauthorized access to outdated systems.

The attack shows that old computer systems continue to introduce security risks to organizations. The security incident affects the Cerner servers at Oracle Health amid a different breach of their systems which increases concerns regarding wider security risks within the company's network.

Oracle notified affected customers while enhancing Gen 1 server security status and demanding password change measures. The breach demonstrates that businesses need advanced security strategies to safeguard against digital risks that occur as companies make their move to new digital systems.