Hackers have breached Oracle Corp.’s systems, stealing patient data in an effort to extort various medical providers across the United States. This alarming incident was revealed by a source familiar with the situation and confirmed through a notification sent by Oracle to its clients.
The breach occurred sometime after January 22, when hackers accessed Oracle’s servers and copied sensitive patient information to an external location. Oracle, which provides software for managing patient records to hospitals and clinics, alerted its healthcare customers about this serious security issue.
The FBI is currently investigating the breach and the ransom demands made by the cybercriminals. However, the exact number of patient records that were stolen remains unclear, as does the number of healthcare providers targeted in this attack.
Based in Austin, Texas, Oracle has not yet commented publicly on the incident, and an FBI spokesperson has also declined to provide details. In a significant move last year, Oracle acquired Cerner Corp., a company specializing in electronic health records, for $28 billion. This acquisition was part of Oracle’s plan to modernize its offerings and transition customers to cloud services. Among its clients are major hospital chains, small clinics, and government facilities, including a notable $16 billion contract with the U.S. Department of Veterans Affairs.
According to Oracle’s notice to clients, the hackers accessed older Cerner servers, which contained data that had not yet been migrated to Oracle’s cloud platform. The company indicated that the attackers likely gained access using stolen customer credentials. Oracle became aware of the breach around February 20.
The stolen data is believed to include recent patient records from electronic medical files. Oracle has assured its clients that it will assist them in identifying the affected patients. Meanwhile, a spokesperson for the Department of Veterans Affairs confirmed that their systems were not impacted by this breach.
As the investigation continues, the healthcare sector is on high alert, reflecting ongoing concerns about cybersecurity in a field that handles sensitive personal information.