Numerous healthcare providers across the U.S. had their patient data compromised following an attack against the legacy data migration servers of major healthcare software-as-a-service firm Oracle Health, previously known as Cerner, initially discovered late last month, reports BleepingComputer.
While Oracle Health only detailed the potential exfiltration of patient information from electronic health records following attackers' exploitation of breached customer credentials in private notifications to affected organizations, data theft has been confirmed by various sources close to the matter, who noted that millions of dollars worth of cryptocurrency demanded by an alleged non-ransomware affiliate named "Andrew" to avert the sale or leak of the stolen information. Impacted healthcare organizations have also reportedly expressed concern over the inadequate transparency shown by Oracle Health in handling the incident, with the firm neither publicly acknowledging the breach nor offering written reports regarding the attack. Such a development comes as organizations validated data purportedly stolen from Oracle Cloud's federated single sign-on login servers after the firm's categorical denial of such a breach.
