Oracle Data Breach Class Action

At Console & Associates, our data breach lawyers are closely examining the recent Oracle data breaches. These security incidents were disclosed following cyber security attacks at Oracle, which may have affected as many as six million individuals according to claims by unauthorized parties, potentially exposing sensitive personal identifiable information including patient health data.

What Happened?

Recent reports from BleepingComputer indicate that Oracle has experienced two separate data security incidents affecting different divisions of the company.

The first incident involves Oracle Health (formerly Cerner), the company's healthcare division that provides electronic health record (EHR) technology to hospitals. On February 20, 2025, Oracle Health discovered a cyberattack that forensic investigators traced back to January 22, 2025. During this period, an unauthorized party used stolen credentials to access a legacy Cerner server and extracted data that potentially included sensitive patient information.

In what appears to be an entirely separate incident, an unauthorized party claims to have exploited a vulnerability in Oracle Access Manager to penetrate an Oracle Cloud server. This party alleges they exfiltrated approximately six million records containing confidential information. While several companies have verified that sample data contains legitimate information related to their accounts, Oracle has issued denials regarding any breach of its Cloud platform.

While Oracle has not yet made public announcements about either incident, the company has begun privately notifying affected healthcare providers about the Oracle Health breach. If investigations confirm consumer information was compromised, formal data breach notification letters will be sent to affected individuals.

Steps To Take If You Were Affected By A Data Breach

1. Monitor all accounts and credit reports closely
   1. Set up alerts for suspicious activity
   2. Review all financial statements thoroughly
   3. Request free credit reports and examine them for unauthorized entries
      
      
2. Consider freezing your credit
   1. Contact all three major credit bureaus to place a freeze
   2. Understand this prevents new accounts from being opened in your name
   3. Remember to temporarily lift the freeze when applying for legitimate credit
      
      
3. Look out for phishing attempts using information from the Oracle data breach
   1. Be wary of unexpected emails or messages claiming to be from Oracle
   2. Don't click on suspicious links or download unexpected attachments
   3. Verify all communications through official channels
      
      
4. Change passwords for affected accounts
   1. Create strong, unique passwords for each account
   2. Use a combination of letters, numbers, and special characters
   3. Consider using a password manager for better security
      
      
5. Enable two-factor authentication where possible
   1. Add this extra layer of security to all important accounts
   2. Use authenticator apps rather than SMS when available
   3. Keep backup codes in a secure location

For more detailed guidance, explore our “Guide for Victims of a Data Breach” to better understand measures you can take to protect yourself after a data breach.

Oracle Overview

Oracle Corporation operates as a global technology enterprise providing database software, enterprise systems, and cloud computing services across multiple industries. Founded in 1977, the company has evolved from its origins as a database company into a diversified technology provider with headquarters in Austin, Texas after relocating from California in 2020.

The organization's business is structured around several key divisions, including Oracle Database, Oracle Cloud Infrastructure (OCI), enterprise applications, and more recently, healthcare technology. In June 2022, Oracle completed a significant acquisition of Cerner, a leading provider of electronic health record systems, which was subsequently rebranded as Oracle Health.

The company's core products and services include relational database management systems, middleware software, enterprise resource planning (ERP) applications, customer relationship management (CRM) solutions, and supply chain management systems. In the cloud computing space, Oracle offers Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) solutions to businesses worldwide.

With approximately 143,000 employees globally, Oracle serves clients across industries including financial services, manufacturing, retail, telecommunications, healthcare, and government sectors. The company reported revenues of $49.9 billion for fiscal year 2023, securing its position as one of the largest technology corporations in the world.

Oracle Data Breach Victims Have Rights - Don’t Wait to Act

How do you know that you were affected by the Oracle data breach? Usually victims receive a NOTICE OF DATA BREACH in the mail, but the impact of a breach can be felt long before notices are sent to those affected. This can be in the form of fraudulent financial activity and other forms of identity theft.

If you believe you were affected, we encourage you to reach out to our data breach law firm for legal assistance through a no-cost consultation about your situation. We will review your eligibility to file a data breach class action lawsuit and discuss your legal rights and any compensation that may be available to you.

Complete our confidential contact form below and a member of our legal team will be in touch.