A recent data breach at Oracle Health has compromised sensitive patient information from multiple U.S. hospitals. The breach, involving legacy servers not yet migrated to Oracle Corp. ORCL Cloud, was discovered in February.

What Happened: Oracle Health, formerly known as Cerner, provides Electronic Health Records (EHR) and business systems for healthcare organizations.

The breach occurred when a threat actor accessed servers using compromised credentials after Jan. 22, 2025, and transferred data to a remote location. This data potentially included patient records, according to a BleepingComputer report.

Although Oracle Health has not publicly acknowledged the breach, they have informed affected customers through private communications.

The company has stated it will assist in identifying impacted individuals and provide notification templates, but it is up to the hospitals to determine if HIPAA laws require patient notifications.

The report adds that Oracle Health’s communication regarding the breach has been criticized for lacking transparency.

Notifications were not on official letterhead, and customers were directed to communicate with the Chief Information Security Office by phone only.

Oracle Health has agreed to cover credit monitoring costs but will not send notifications on behalf of hospitals.

Oracle did not immediately respond to Benzinga's request for comment.

Why It Matters: This breach at Oracle Health is part of a broader trend of increasing cyberattacks targeting sensitive data.

In April, a massive data breach exposed personal information of nearly 3 billion individuals, leading to a class action lawsuit.

Similarly, in February 2024, NorthBay Healthcare Corporation experienced a breach that exposed the personal, medical, and financial records of over 569,000 Americans.

The breach at Oracle Health underscores the critical need for robust cybersecurity measures, especially as healthcare organizations increasingly rely on digital systems for storing sensitive patient information.

