FBI Investigates Oracle Health Data Breach Targeting Legacy Servers

Hackers accessed patient data from legacy Cerner systems, with stolen information reportedly used to extort U.S. medical providers.

Oracle Health confirmed a breach of legacy Cerner servers in February 2025, involving unauthorized access to patient data.
Hackers exploited stolen customer credentials to copy data to a remote server, though the full scope of the breach remains unclear.
The FBI is investigating the incident, with reports indicating that stolen patient data was used to extort U.S. healthcare providers.
Oracle Health has not publicly disclosed the breach, instead communicating privately with impacted organizations and placing the burden of notifying patients on hospitals.
The breach highlights vulnerabilities in legacy systems not yet migrated to Oracle's modern cloud infrastructure, raising broader concerns about healthcare cybersecurity.