Overview of the Incident
A recent breach at Oracle Health has reportedly compromised patient data across several healthcare organizations and hospitals in the United States. The breach involved the theft of data from legacy servers by a cybercriminal.
Details of the Breach
- Oracle Health has not yet made a public announcement regarding the breach.
- Private communications to affected customers confirmed that patient data was stolen.
- The breach, which involved unauthorized access to data on legacy Cerner servers, was identified on February 20, 2025.
- The notification stated that the breach occurred on servers not yet migrated to the Oracle Cloud.
How the Breach Occurred
According to Oracle, the threat actor gained access using compromised customer credentials after January 22, 2025, and transferred data to a remote server. The stolen data may include sensitive patient information from electronic health records (EHRs).
Impact on Healthcare Organizations
- Multiple sources have confirmed that patient data was indeed stolen during the attack.
- Oracle Health has informed hospitals that it will not directly notify patients, leaving it to the hospitals to assess whether HIPAA regulations were violated.
- Oracle Health is providing assistance to identify affected individuals and offering templates for notifications.
Ongoing Extortion
Reports indicate that the affected hospitals are facing extortion from an individual known as “Andrew,” who has not claimed affiliation with any recognized ransomware groups. This individual is demanding a substantial sum in cryptocurrency to prevent the release or sale of the stolen data.
Oracle’s Response
Oracle Health, which was formerly known as Cerner, provides healthcare software solutions, including EHRs, to hospitals and healthcare organizations. Following its acquisition by Oracle in 2022, Cerner was integrated into Oracle Health, with its systems transitioning to the Oracle Cloud.
Previous Security Concerns
Oracle has previously denied claims of breaches affecting its public cloud services, despite allegations of stolen security keys being advertised on cybercrime forums. A spokesperson reiterated that there has been no breach of Oracle Cloud and that no customers experienced data loss.
Conclusion
As the situation develops, Oracle Health has yet to provide a comprehensive response to the breach. The lack of transparency has raised concerns among affected organizations regarding the handling of the incident.