(Reuters) -Oracle has told customers that a hacker broke into a computer system and stole old client log-in credential, Bloomberg News reported on Wednesday, citing two people familiar with the matter.
Last month, an unidentified person began attempting to sell data online that was stolen from the cloud servers of Austin, Texas-based Oracle, according to the report.
It is the second cybersecurity breach that the software company has acknowledged to clients in the last month, the report said.
Oracle has told some clients that the Federal Bureau of Investigation and cybersecurity company CrowdStrike Holdings are investigating the incident, the report said, adding the attacker sought an extortion payment from the company.
The cloud computing company told customers that the data breach is separate from the hacking incident that it flagged to some healthcare customers last month, according to the report.
Oracle did not immediately respond to a Reuters request for comment, while a CrowdStrike spokesperson referred to the cloud company.
Oracle staff acknowledged to some clients this week that an attacker had gotten into a legacy environment, Bloomberg News report said.
The company informed customers that the system has not been in use for eight years and that the stolen client credentials therefore pose little risk, the report added.
The stolen data included Oracle customer log-in credentials from as recently as 2024, the report said.
(Reporting by Jaspreet Singh in Bengaluru; Editing by Maju Samuel)
