Oracle Denies Massive Data Theft As Hacker Allegedly Sells 6M Records - Cisco Systems (NASDAQ:CSCO), Orac

Oracle Cloud is suspected to have suffered a significant cyberattack, leading to the theft of 6 million records. These records are reportedly being sold by a hacker. Oracle, however, has firmly denied any such breach.

What Happened: A hacker going by the pseudonym "rose87168" is purportedly selling 6 million records stolen from Oracle’s systems. This claim was initially brought to light by a cybersecurity firm, CloudSEK, based out of India’s Bengaluru. The firm also called it the ‘Biggest supply chain attack of 2025’

Oracle has staunchly refuted these allegations, and told the Bleeping Computer that none of its Cloud customers have been affected and that the leaked credentials do not pertain to Oracle Cloud.

Despite Oracle’s denial, cybersecurity experts advise businesses using Oracle services to implement preventive measures to safeguard their sensitive data. As per CloudSEK’s report, this could potentially be the largest supply chain hack of 2025, targeting Oracle Cloud and impacting more than 140,000 tenants across various sectors and regions.

The breach was reportedly linked to the login endpoint login.(region-name).oraclecloud.com, exposing a dataset that included Java KeyStore (JKS) files, encrypted SSO passwords, key files, and Enterprise Manager JPS keys.

Since January 2025, the hacker has been selling sensitive data, attempting to decrypt stolen credentials, and extorting companies for data deletion fees. As perCloudSEK, the hacker also created an X page to broaden their reach by following Oracle-related accounts and tracking their targets.

Why It Matters: The reported exposure of 6 million records presents major risks for organizations, including large-scale data breaches, corporate espionage and unauthorized access. Decrypted SSO and LDAP passwords could allow attackers to infiltrate Oracle Cloud environments and exploit supply chain vulnerabilities by targeting interconnected systems.

Businesses face high stakes as the hacker "rose87168" pressures over 140,000 tenants with extortion demands, using an X page to amplify threats and target Oracle-related accounts. This incident follows a trend of increased cyberattacks, such as the exploits by the Chinese hacker group, Salt Typhoon on Cisco (NASDAQ:CSCO).

Oracle holds a momentum rating of 65.86% and a growth rating of 62.87%, according to Benzinga’s Proprietary Edge Rankings. The Benzinga Growth metric evaluates a stock's historical earnings and revenue expansion across multiple timeframes, prioritizing both long-term trends and recent performance. For an in-depth report on more stocks and insights into growth opportunities, sign up for Benzinga Edge.

READ MORE: Zuckerberg Says 2025 Will Be The Year An AI Assistant Hits 1 Billion Users—And He Wants It To Be Meta AI

Image via Shutterstock

Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.

CSCOCisco Systems Inc

Market News and Data brought to you by Benzinga APIs

To add Benzinga News as your preferred source on Google, click here.