
Rapid Response Status
Real-time updates of Rapid Response issues and outages
Rapid Response status is Operational
Rapid Response
Active Incidents
No active incidents
Recently Resolved Incidents
On March 21, 2025, A major security incident was reported involving Oracle Cloud’s authentication systems. A threat actor known as “rose87168” has claimed responsibility for the breach, alleging the theft of 6 million records affecting over 140,000 tenants. The compromised data is said to include:
- JKS (Java KeyStore) files
- Encrypted SSO and LDAP credentials
- JPS (Java Platform Security) keys
The attacker claims to have accessed login endpoints belonging to Oracle: login.<region-name>.oraclecloud.com
While Oracle has publicly denied that a breach occurred, multiple independent sources have claimed to have verified the authenticity of the stolen data, which allegedly contains production information from impacted customers.
This incident remains under active evaluation, we are committed to providing timely updates, insights, and recommendations to ensure our customers remain secure. A detailed AXON report outlining our findings, insights, and recommended actions will be shared upon the conclusion of our Rapid Response efforts.
If you have any questions or concerns, please do not hesitate to contact us.
Sincerely, Team AXON
Rapid Response Outage Survival Guide
Rapid Response Components
Rapid Response
On March 21, 2025, A major security incident was reported involving Oracle Cloud’s authentication systems. A threat actor known as “rose87168” has claimed responsibility for the breach, alleging the theft of 6 million records affecting over 140,000 tenants. The compromised data is said to include:
- JKS (Java KeyStore) files
- Encrypted SSO and LDAP credentials
- JPS (Java Platform Security) keys
The attacker claims to have accessed login endpoints belonging to Oracle: login.<region-name>.oraclecloud.com
While Oracle has publicly denied that a breach occurred, multiple independent sources have claimed to have verified the authenticity of the stolen data, which allegedly contains production information from impacted customers.
This incident remains under active evaluation, we are committed to providing timely updates, insights, and recommendations to ensure our customers remain secure. A detailed AXON report outlining our findings, insights, and recommended actions will be shared upon the conclusion of our Rapid Response efforts.
If you have any questions or concerns, please do not hesitate to contact us.
Sincerely, Team AXON