THE ORACLE HACKS!

It’s raining hacks all over, and has been for quite some time, whatever the nature of the enterprises and sectors involved. Given the precarious situation we are in, the logical step would have been to bring all the stakeholders together to put their hearts and minds into finding a solution. The bare minimum starts with battling it out, whatever the consequences might be. The battle has to be taken to the enemy’s territory; otherwise we will keep taking punches and then offering homilies. The world has decided to keep mum when a neighbour, a competitor or any known company is hacked.

What do you do when it comes to you? The standard practice is a stoic silence until the hack becomes public knowledge. If it does, the parroted reply is that they are aware of it, that critical data has not been impacted, that they are working to set it right at the earliest, that they will keep the customers informed, and that due process of law is being followed. It is easier said than done. While this drama keeps getting enacted, the hacks keep getting crazier and are literally spinning out of control. In March 2025, Oracle Corporation experienced two significant cybersecurity incidents impacting its cloud infrastructure and healthcare services.

The Oracle Health data breach occurred on or after January, 2025; it was detected by the company on February 20, 2025, and the customers were informed in early March 2025. As if one was not enough, a second data breach also crept up. On March 21, 2025, a threat actor claimed to have exfiltrated 6 million records from the Oracle Cloud. How did it all happen? Attackers in the Oracle Health breach used stolen customer credentials to access legacy Cerner servers, which had not yet migrated to Oracle Cloud. The specific vulnerabilities exploited remain undisclosed.

In the case of the Oracle Health breach, the threat actors purportedly exploited a vulnerability in Oracle Access Manager, potentially CVE-2021-35587, to gain unauthorised access. The patch, if any, and the knowledge thereof remain undisclosed, as in the case of the Oracle Cloud breach. Unlike this case, the attackers in the Oracle Health case used customer credentials to access Cerner servers, which had not yet migrated to Oracle Cloud. In this too, the specific vulnerabilities exploited remained undisclosed. Cerner was acquired on June 8, 2022, and for many years the migration to Oracle Cloud remained pending. If this is the fate of renowned companies, then what would be the fate of lesser mortals!

IF HACKS ARE TREATED AS MINOR CYBER CRIMINAL SURGICAL OPERATIONS, WE ARE IN FOR ROUGH TIMES AHEAD.
Sanjay Sahay

Have a nice evening.
