Oracle Health Data Breach Exposes Patient Information At US Hospitals
byRounak JainBenzinga Staff Writer
March 29, 2025 2:56 PM
2 min read
Take Stock Of The Week Ahead

Get all the latest Share Market trends and news to set you up for the week ahead.

A recent data breach at Oracle Health has compromised sensitive patient information from multiple U.S. hospitals. The breach, involving legacy servers not yet migrated to Oracle Corp. ORCL Cloud, was discovered in February.

What HappenedOracle Health, formerly known as Cerner, provides Electronic Health Records (EHR) and business systems for healthcare organizations.

The breach occurred when a threat actor accessed servers using compromised credentials after Jan. 22, 2025, and transferred data to a remote location. This data potentially included patient records, according to a BleepingComputer report.

Although Oracle Health has not publicly acknowledged the breach, they have informed affected customers through private communications.

The company has stated it will assist in identifying impacted individuals and provide notification templates, but it is up to the hospitals to determine if HIPAA laws require patient notifications.

See Also: Ontario Premier Doug Ford Supports Retaliatory Tariffs Amid US Auto Levy: ‘Inflict As Much Pain As Possible’

The report adds that Oracle Health’s communication regarding the breach has been criticized for lacking transparency.

Notifications were not on official letterhead, and customers were directed to communicate with the Chief Information Security Office by phone only.

Oracle Health has agreed to cover credit monitoring costs but will not send notifications on behalf of hospitals.

Oracle did not immediately respond to Benzinga's request for comment.

Why It Matters: This breach at Oracle Health is part of a broader trend of increasing cyberattacks targeting sensitive data.

In April, a massive data breach exposed personal information of nearly 3 billion individuals, leading to a class action lawsuit.

Similarly, in February 2024, NorthBay Healthcare Corporation experienced a breach that exposed the personal, medical, and financial records of over 569,000 Americans.

The breach at Oracle Health underscores the critical need for robust cybersecurity measures, especially as healthcare organizations increasingly rely on digital systems for storing sensitive patient information.

Read Next:

Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.

Photo courtesy: Shutterstock

© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

Comments
NewsHealth CareTechbenzinga neuroCybersecuritydata breachOracle Health
© 2025 Benzinga | All Rights Reserved