OracleCMS faces cyber security breach; data exposed by Lockbit 3.0

OracleCMS, a prominent outsourcing provider, has disclosed a cyber-security incident, revealing unauthorized access by a third party, resulting in the exposure of certain data, some of which have been made public. Following the discovery, OracleCMS swiftly engaged external cyber-security specialists to bolster its systems and delve into the breach, aiming to contain its impact.

According to the company’s statement, the compromised data primarily comprises corporate records, contract particulars, invoices, and operational workflows. While acknowledging the possibility of incidental personal information, OracleCMS asserts it likely consists of basic contact details found in contracts and invoices, posing a minimal risk of misuse.

In response to the breach, OracleCMS has contacted affected client organizations, pledging to collaborate closely with them to identify individuals needing assistance mitigating potential data misuse risks. The outsourcing provider operates call centers across major Australian cities, including Melbourne, Adelaide, Perth, Brisbane, and Sydney.

Expressing regret over the incident, OracleCMS apologized for any concerns raised and affirmed its commitment to transparency and ongoing communication with stakeholders throughout the incident response process.

Notably, the cyber-security breach has been attributed to the ransomware group Lockbit 3.0, which previously issued ultimatums to OracleCMS. Despite attempts to negotiate, as indicated in the company’s statement, such efforts appear unsuccessful.