Ethical Hacking News
Oracle is facing a class action lawsuit in Texas over alleged data breaches, with plaintiffs alleging that the company violated state data breach notification laws and failed to protect sensitive information. The case highlights the ongoing concerns about cloud security and the need for greater accountability from cloud service providers.
Oracle is facing a class action lawsuit in the US District Court for the Western District of Texas, alleging data breach notification law violations. The plaintiffs claim Oracle failed to design and implement adequate network security measures, leading to compromised personally identifiable information and personal health data. The case targets an alleged breach of Oracle Cloud, although it also refers to the Oracle Health breach. Plaintiffs seek financial compensation, commitments from Oracle to improve security, and mitigation costs for Toikach. Oracle denies any breach occurred, claiming the stolen data is available on the dark web; the company disputes Toikach's claims of inadequate security measures.
Oracle, one of the world's leading cloud computing and enterprise software companies, is currently facing a class action lawsuit in the United States District Court for the Western District of Texas. The plaintiffs, led by Floridian Michael Toikach, are alleging that Oracle violated Texas state data breach notification laws in not informing them of alleged breaches within 60 days of becoming aware of one. This case marks a significant development in the ongoing debate about cloud security and the responsibility of cloud service providers to protect their customers' sensitive information.
According to the complaint filed by Shamis & Gentile, the law firm representing Toikach, Oracle failed to design and implement adequate network security measures, train its staff on data security, detect an intrusion within a reasonable time frame, or use security tools capable of preventing such attacks. As a result, personally identifiable information (PII) and a wide variety of personal health data were compromised in the alleged breaches.
Toikach, who claims to take data protection seriously and typically stores his private information in a safe and secure location, had unknowingly provided his private information to Oracle for use in its services. He alleges that he would not have done so if he had known that his private information would be maintained using inadequate data security systems.
The case specifically refers to an alleged breach of Oracle Cloud, although it also alludes to the Oracle Health breach. The plaintiffs are seeking financial compensation for out-of-pocket costs and damages, as well as commitments from Oracle to improve its security posture. They argue that Toikach anticipates spending considerable time and money on an ongoing basis to try to mitigate and address harms caused by the data breaches.
Lawyers cited various articles highlighting data breach victims' negative financial experiences, arguing that Toikach is at a present risk and will continue to be at increased risk of identity theft and fraud for years to come. The complaint further states that Oracle's silence on the matter exacerbates these claims, as the company has not yet informed Toikach or other customers of a breach, clarified whether it was able to maintain the security of his data, or explained how the alleged incident occurred.
In response to this lawsuit, Oracle has maintained its position that no breach occurred and that the alleged pilfered information is in fact for sale on the dark web. The company has also claimed that its security measures are adequate and that it has not failed to meet cyber-grade standards. However, Toikach and others who may join the case argue that these claims are disingenuous and that Oracle's actions demonstrate a clear disregard for data protection.
The case of Toikach vs. Oracle highlights the ongoing concerns about cloud security and the need for greater accountability from cloud service providers. As more individuals and organizations move their sensitive information to the cloud, there is an increasing need for robust security measures to protect this data. The fact that Oracle has been accused of pedantry in its response to this lawsuit only serves to underscore the importance of transparency and cooperation in addressing data breaches.
In conclusion, the class action lawsuit against Oracle raises significant concerns about cloud security and the responsibility of cloud service providers to protect their customers' sensitive information. As the debate around cloud computing continues to evolve, it is essential that companies like Oracle prioritize data protection and take concrete steps to improve their security posture.
Related Information:
https://www.ethicalhackingnews.com/articles/Oracle-Faces-Class-Action-Amid-Alleged-Data-Breaches-A-Texas-Sized-Lawsuit-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/04/02/oracle_breach_class_action/
https://www.msn.com/en-us/news/other/oracle-faces-texas-sized-lawsuit-over-alleged-cloud-snafu-and-radio-silence/ar-AA1C8Vjv
https://hackread.com/oracle-lawsuit-over-cloud-breach-affecting-millions/
Published: Wed Apr 2 08:41:16 2025 by llama3.2 3B Q4_K_M
