"The biggest supply chain hack of 2025" — contradictions behind alleged data theft from Oracle. African nations are actively pursuing information security. Kenya has published a draft cybersecurity strategy as part of its digital transformation process, and the Togo Data Commissioner has begun operations.
A major security incident supposedly occurred at the end of the first quarter, sparking heated debates and discussions. During the second half of March, a threat actor claimed to have breached Oracle's cloud infrastructure and stolen sensitive data. Preliminarily, an intruder had accessed 6 million records regarding 140,000 tenants. Company officials have denied any allegations of the incident, but security researchers say the evidence indicates otherwise.
The intruder claims to exfiltrate large trove of sensitive data including:
The adversary claims that SSO and LDAP passwords can be decrypted. Thus, the leaked data can be used for authentication and security within Oracle Cloud services. Stolen records can be used by malicious actors to facilitate further supply chain attacks.
Oracle has stated that there are no security concerns regarding customer data exposure. In contrast, researchers advise paying attention to the potential threat. Yet, if the rumors are proven to be true, Oracle clients may need to change their passwords in order to protect themselves from potential attacks that could exploit disclosed credentials.
Should the leak be verified, it will be the biggest supply chain threat of 2025, potentially affecting companies all over the globe.
As time goes on, the first consequences of the alleged data breach can be seen. On the 24th of March, the Cybersecurity Council of the UAE Government confirmed that the national cybersecurity systems have successfully repelled cyberattacks on governmental and business entities.
Dr. Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, said that 634 organizations in the UAE may be affected by Oracle’s breach. The Council urged all government and private institutions to bolster up their defenses, increase cyber readiness levels, and report any detected suspicious activity.
Meanwhile, African countries continue to develop legal frameworks, ensuring data protection. The Kenyan Ministry of Interior and National Administration has published the revised draft of the National Cybersecurity Strategy for 2025-2029. This strategy aims to enhance cyber resilience, implement a comprehensive approach to incident response, and protect critical infrastructure. Some key updates to the draft include the integration of AI, public-private collaboration, and advanced incident response measures.
The draft National Cybersecurity Strategy is a part of a broader Kenyan digital transformation initiative. In March 2025, the Ministry of ICT and the Digital Economy launched the National Artificial Intelligence (AI) Strategy 2025-2030. The project is backed by KES 152 billion (around $1 billion), approximately 0.8% of Kenyan GDP. More than half of the sum is planned to be spent on the construction of critical digital infrastructure, including a national computing cluster “AI cloud” and a national optic fiber backbone.
Data protection is a top priority for African countries as well. On the 28th of March, Togo’s Personal Data Protection Authority, IPDCP, officially launched activities with the start of an awareness-raising program. The Authority was established by Law No. 2019-014 on the Protection of Personal Data.
IPDCP starts its mission with a massive awareness campaign to improve citizens’ knowledge of their rights and mechanisms to protect against the misuse of their data. “Our mission is first to educate citizens about the protection of their personal data and privacy,” said Lieutenant-Colonel Bediani Béléi, the Head of the Personal Data Protection Authority. Furthermore, in the next step, IPDCP plans to ensure regulatory compliance. The Authority can enforce administrative sanctions for violations of the DPA Law, including withdrawal of authorization, fines, and criminal prosecution.
Togo achieved major successes in cybersecurity in the last years. According to the 2024 edition of the International Telecommunication Union Global Cybersecurity Index, the country scored 88.8 points out of 100.
A proactive approach to information security is essential. The disclosure of sensitive files can cause significant damage to a company. The integration of DCAP and DLP systems ensures reliable protection against internal threats and helps with regulatory compliance.If your company needs assistance navigating the complexity of laws and regulations, our Managed Security Service (MSS) can help. MSS ensures compliance with regulatory requirements and ensures implementation of comprehensive and advanced information security measures.
Start your free 30-day trial now and conduct a security audit in your organization today.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!