Oracle is a public company. Public companies must file data breaches with the SEC or they can get into some hot water. They are not ran by smart people.
Oracle hid serious data breach from customers, now hacker has it up for sale
Submitted 3 weeks ago by zaxvenz@lemm.ee to technology@lemmy.world
https://www.techspot.com/news/107362-oracle-hid-serious-data-breach-customers-now-hacker.html
Comments
TedDallas@programming.dev 3 weeks ago
phoenixz@lemmy.ca 3 weeks ago
You mean the SEC in the US? You’re kidding right? Nobody cares about any of that anymore. Does the SEC even still exist? Worst case scenario, Oracle just gives some money to Cheeto and they’re done
TedDallas@programming.dev 3 weeks ago
Yes. It exists. Whether or not they are actively enforcing anything during the current administration is open to question. The fortune 10 company I work for takes the SEC seriously.
corsicanguppy@lemmy.ca 3 weeks ago
They are not ran by smart people
not ran
Glass house?
GeeDubHayduke@lemmy.dbzer0.com 3 weeks ago
Never heard of ESL, or autocorrupt? Maybe put your rocks down, sweetheart.
Mora@pawb.social 3 weeks ago
I hope Oracle will finally send out mails to the affected customers. No idea if I am affected as Oracles login process is so convoluted that I have no desire to deal with it or understand it.
lazynooblet@lazysoci.al 3 weeks ago
fmstrat@lemmy.nowsci.com 3 weeks ago
Just assume you are.
timewarp@lemmy.world 3 weeks ago
Because they can hide it & not face any consequences.
AlecSadler@sh.itjust.works 3 weeks ago
The number of clients I’ve worked with who are “stuck” with Oracle passes the 50% mark and I’m just one person.
One company said that Oracle offered them a de-obfuscation tool to migrate elsewhere for a mere $2M. Absurd.
Fuck Oracle.
MonkderVierte@lemmy.ml 3 weeks ago
Uh, what, you can’t just pull your data and move elsewhere?
AnUnusualRelic@lemmy.world 3 weeks ago
In that market, it might be a decent deal.
elvith@feddit.org 3 weeks ago
Ok, who of you guys is working with Oracle Cloud and has not yet rerolled all API/Access Keys, passwords and so on? And what company do you happen work for? ^Just asking for a friend^
dangercake@feddit.uk 3 weeks ago
Omg we have the same friend! Also no 😬
derpgon@programming.dev 3 weeks ago
I wonder how many of those companies - that are stuck with Oracle due to legacy software - have just too many keys to reroll that they just won’t do it. Mainly due to everything being a manual process.
elvith@feddit.org 3 weeks ago
At least we’re constantly told to be ready to act to reroll secrets, etc and try to automate the change/deployment of changed passwords and such.
Depending on the system you’re working with, this may still be a PITA, but at least we do have plans for even the “problematic” systems and we have probably done this a few times. Although maybe not at this scale, tbh.
So, imagining I were tasked to do that for $hyperscaler in “my” systems… I feel some dread, as even if everything is automated ä, there’s always something that doesn’t go as planned - but at least I know what can be done in which way and which timeframe is realistic (and which parts will be the most sensitive). If you do not have plans, well… Good luck. You’ll need it.
phoenixz@lemmy.ca 3 weeks ago
CTO and CEO should be jailed for this.
If I fuck up this bad that it actively hurts people, then lie about it and hide it, I go to jail
Same rules must apply to managers and top level.
LOCK THEM UP
dreadbeef@lemmy.dbzer0.com 3 weeks ago
Limited liability
phoenixz@lemmy.ca 2 weeks ago
Fuck. That. Shit.
If YOUR company commits crimes, you go to jail. You can’t just start peddling fantanyl drugs to little kids and they say oh wow, that sucks, well, it’s an LLC so I’m totally innocent!
pneumatron@sh.itjust.works 3 weeks ago
Is there anything American that’s worth a shit anymore?
Stovetop@lemmy.world 3 weeks ago
Fuck Oracle.