FBI investigates as Oracle health data breach exposes patient information

Editor's Note

Cybercriminals breached a legacy server at Oracle Health, stealing patient data from multiple hospitals and health systems, according to a March 31 article in Healthcare Executive. The breach, discovered around February 20, occurred before Oracle migrated the affected server from Cerner's system to Oracle Cloud.

According to the article, the breach was first reported by BleepingComputer, which cited private communications between Oracle Health and impacted customers, as well as conversations with involved parties. Bloomberg later confirmed the story, noting that the FBI is actively investigating the incident.

Oracle Health confirmed the data breach but has yet to determine the full scope of the compromised information. The responsibility to notify affected patients directly reportedly will fall to healthcare providers, who must assess whether the data falls under HIPAA protection. Oracle has stated it will assist with the identification and notification process if needed.

An individual known as "Andrew" has allegedly extorted affected hospitals, demanding millions in cryptocurrency under the threat of selling stolen data on the dark web, Healthcare Executive reports. As of Monday, no stolen data had appeared for sale online.