Warning experts about data leakage

Cloudsek’s cyber security company found in late March that a man named Rose87168 claimed to have sold six million extracted from Oracle Cloud. These data included Java Keystore-JKS files, the encrypted Single Sign-On-SSO, key files and key manager keys JPS.

CloudSek has announced that an unattended vulnerability in the login range may. (Region-Name) .Raclecloud.com has led to unauthorized access and leakage of this information. In response to the claim, Oracle rejected the leak in a statement shared by Dark Reading.

But in response to this denial, Cloudsek published more information to confirm its initial theory of information leak. “We believe that there is no proper judgment on Oracle, and we intend to publish more details to help the security community and Oracle itself to investigate the incident better,” the company said in a statement. “At CloudSek, we believe in evidence -based transparency and validation, not to create horror, but to prepare.”

CloudSek revealed that the threat factor has been able to provide an example of 2.5 lines of customer details and attack evidence. The person has uploaded a file created at login.us2.oraclecloud.com and archived the public link with his email address in a text file.

The company also conducted a background review on the server, and it was found that Oracle had leaked the service a few weeks before the leak. Based on the analysis Cloudsek, sample data included the actual information of Oracle Claude (not the test users). Also, the company confirmed that the domain in question was an integrated authentication setup. Some independent cyber security researchers have achieved similar results.

Cloudsek warned that this security influence could affect more than 5 different organizations and increase the risk of unauthorized access, corporate espionage, as well as financial and credit risks. The company and security experts are still monitoring the situation and urge Oracle to take the necessary steps by disclosing further details.