Oracle Health Hit by Data Breach, Patient Data Possibly Compromised

The incident is the latest in a growing list of third-party vendors suffering from cyberattacks.

By Jeff Wardon, Jr., Assistant Editor


Oracle Health fell victim to a data breach that is now rippling across healthcare organizations.  

The attack occurred after a hacker stole patient data from legacy Cerner servers that hadn’t been migrated to Oracle Cloud, BleepingComputer reports. The attack was detected on February 20, 2025, and was carried out via use of compromised customer credentials sometime after January 22, 2025. Data that was stolen may have included patient records. 

The hacker, using the alias "Andrew," is extorting hospitals for millions in cryptocurrency and has created public websites about the breach, BleepingComputer reports. It is unclear whether ransomware was involved. 

According to The HIPAA Journal, Oracle has yet to make an official statement regarding the breach, but people familiar with the matter have said that the company has reached out to healthcare providers whose information may have been compromised.  

Related Content: Third-Party Vendors and Networks Pose Risks for Healthcare Cybersecurity

The healthcare industry currently makes up 41.2 percent of third-party breaches, according to a Black Kite report. Reliance on vendors to handle a high value of patient data has largely been to blame for the increase in attacks.  Because of this, cyber criminals have deemed that healthcare facilities are often willing to “pay more,” Eric O’Neill, former counterterrorism and counterintelligence operative for the FBI, previously told Healthcare Facilities Today

“They are perceived as generally paying because patient care suffers when systems go down,” says O’Neill. “Cyber attackers also know that the healthcare industry maintains very critical data that can cause massive reputation-related harm and severe downstream damage in identity theft. Because of this, they're perceived as being more likely to pay to get their data back or for the cybercriminal to destroy the data and not publish it on the dark web.” 

Additionally, the U.S. government has extended the national emergency for cyberattacks from foreign sources for another year beyond April 1, 2025, according to the Federal Register. The declaration originally came on April 1, 2015, due to the growing threat of such attacks. Since then, several executive orders have been issued to address the problem due to cyber threats posing a risk to national security, foreign policy and the economy. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



April 3, 2025


Topic Area: Information Technology , Security


Recent Posts

Site Selection Mistakes: What Not To Do

Healthcare providers that treat site selection as a strategic decision, not a simple real estate deal, will be positioned for long-term success.


High-Performance EFCO Systems Shape MUSC's New Black River Medical Center

Case study: A sweeping curved-glass entrance, impact-resistant envelope and energy-efficient fenestration support a sustainable, resilient design for one of South Carolina’s newest rural hospitals.


Heritage Valley Health System to Officially Affiliate with Alleghany Health Network

With the affiliation now complete, Heritage Valley Beaver and Heritage Valley Sewickley will be rebranded.


The Impact of Acoustics on Patient Privacy

As healthcare facilities evolve toward more open and flexible care environments, acoustic privacy has become essential.


Texas Behavioral Health Center in Dallas Opens with Ribon-Cutting Ceremony

The 456,265-square-foot facility offers a variety of therapeutic, recreational and social spaces that prepare patients for life outside the hospital.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.