.png)
23 hours ago
8 BOOK THIS SPACE FOR AD
ARTICLE ADSpecialist class action lawyers have launched proceedings against Oracle in Texas over two alleged data breaches.
Floridian Michael Toikach is named as the only plaintiff in law firm Shamis & Gentile's class action against the cloud giant, although the case is representing others who are similarly affected.
Lawyers demanded a jury trial in the US District Court for the Western District of Texas, where Oracle's headquarters are located in Austin.
One of the primary claims made by the plaintiffs, among many others, is that Oracle violated Texas state data breach notification laws in not informing the alleged victims of a breach within 60 days of becoming aware of one.
The case specifically refers to the alleged breach of Oracle Cloud, or Oracle Cloud Classic, as the tech company put it in a carefully worded statement, and it also alludes to health information being affected in the alleged Oracle Health breach, although this doesn't appear to be the main focus of the case.
Oracle's alleged security failings were blamed for the loss of personally identifiable information (PII) and a "wide variety" of personal health data, and Oracle's silence on the matter exacerbates these claims, the case argues.
Toikach alleges that Oracle has not yet informed him or other customers of a breach, clarified whether it was able to maintain the security of his data, or explained how the incident occurred.
"All of this information is vital to victims of a data breach, let alone a data breach of this magnitude due to the sensitivity and wide array of information compromised in this specific breach," the case [PDF] reads.
The plaintiff additionally made a flurry of claims about Oracle's security posture, including its alleged failure to design and implement adequate network security, train staff on data security, detect an intrusion within a reasonable time frame, or use security tools capable of preventing this kind of attack.
Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed Oracle Health reportedly warns of info leak from legacy server There are 10,000 reasons to doubt Oracle Cloud's security breach denial Oracle Cloud says it's not true someone broke into its login servers and stole dataLawyers cited various articles highlighting data breach victims' negative financial experiences, arguing that Toikach anticipates "spending considerable time and money on an ongoing basis to try to mitigate and address harms caused by the data breach."
"As a result of the data breach, plaintiff is at a present risk and will continue to be at increased risk of identity theft and fraud for years to come."
Toikach and others who may join the case are seeking financial compensation for out-of-pocket costs and damages, as well as commitments from Oracle to improve its security posture.
The Broward County resident claims to take data protection seriously and is very careful about sharing his private information, which he typically stores in a safe and secure location, according to the complaint.
"Plaintiff greatly values his privacy, and would not have provided his private information, undertaken the services, and paid the amounts that he did if he had known that his private information would be maintained using inadequate data security systems."
The Register contacted Oracle for a response. ®
Bengali (Bangladesh) · 
English (United States) ·