After the recent debate regarding Oracle denying it had a breach, which seems to now be taken more seriously with FBI involvement, here’s another strange one.

See if you can figure out the contradiction:

Oracle staff acknowledged to some clients this week that an attacker had gotten into a legacy environment, Bloomberg News report said. The company informed customers that the system has not been in use for eight years and that the stolen client credentials therefore pose little risk, the report added. The stolen data included Oracle customer log-in credentials from as recently as 2024, the report said.

The article states:

1. “system has not been in use for eight years”
2. “customer log-in credentials from as recently as 2024”

These two statements directly contradict each other. If the system hasn’t been used for 8 years (no data since 2017), then where do credentials from 2024 come into the picture?