FBI Investigates Oracle Health Data Breach Targeting Legacy Servers
Hackers accessed patient data from legacy Cerner systems, with stolen information reportedly used to extort U.S. medical providers.
- Oracle Health confirmed a breach of legacy Cerner servers in February 2025, involving unauthorized access to patient data.
- Hackers exploited stolen customer credentials to copy data to a remote server, though the full scope of the breach remains unclear.
- The FBI is investigating the incident, with reports indicating that stolen patient data was used to extort U.S. healthcare providers.
- Oracle Health has not publicly disclosed the breach, instead communicating privately with impacted organizations and placing the burden of notifying patients on hospitals.
- The breach highlights vulnerabilities in legacy systems not yet migrated to Oracle's modern cloud infrastructure, raising broader concerns about healthcare cybersecurity.