In a move that confirms what many feared, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a public warning regarding a breach that compromised Oracle’s public cloud infrastructure—weeks after Oracle initially denied it. The agency is urging Oracle users to reset credentials and scrutinize authentication logs for any signs of unauthorized activity.

News about the security problem first appeared, and Oracle eventually admitted it happened. The issue was with two old login servers that Oracle did not update. This allowed a hacker to break in and take a large amount of important information. The stolen data included encrypted passwords, authentication tokens, and encryption keys. Though Oracle downplayed the breach in a letter to customers, it’s now facing a lawsuit in Texas for allegedly failing to notify affected users in a timely manner.

CISA issued an advisory on Wednesday, calling the breach a potential risk to enterprise systems—especially in cases where organizations reused credentials or embedded them in scripts and applications. The agency stressed the importance of implementing phishing-resistant multi-factor authentication and warned against hardcoding login information into software and infrastructure resources.

“The compromise of credential material… can pose significant risk to enterprise environments,” CISA noted, leaving no room for ambiguity about the stakes involved.

The breach highlights a concerning issue: even the largest tech companies can make mistakes, and when security problems happen, they often don’t inform people right away, or sometimes they don’t inform them at all. This incident strongly reminds customers that, in addition to trusting cloud services, they need to be careful and check everything themselves.

Oracle and CISA have not disclosed further information, and their silence is eloquent. Since we still do not know how serious the breach is, users are now forced to go through their systems, re-evaluate their security practices, and remain vigilant.