.svg?width=185&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Home"){kind=logo}
.svg?width=13&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Top Navigation - Sign in - Icon")
Informational
Advisory: Oracle Cloud Data Breach
CVE(S)
N/A
PRODUCT(S)
Sophos Central
Updated
2025 Mar 23
Article Version
2
First Published
2025 Mar 23
Publication ID
sophos-sa-20250321-oracle-cloud-data-breach
Workaround
No
Overview
On 21 March 2025, a security breach was reported by CloudSEK’s XVigil discovered a threat actor, “rose87168” claiming to have stolen 6 million records from Oracle Clouds SSO and LDAP systems affecting 140,000 tenants.
No evidence that Sophos is impacted has been identified.
Related information
Sophos Responsible Disclosure Policy
To learn about Sophos security vulnerability disclosure policies and publications, see the Responsible Disclosure Policy.