The database contained up to 1.4 million records of a personal nature such as social security numbers, birth dates, names and addresses etc. According to a spokesman:
"investigators know a malicious hacker exploited a vulnerability in "commercially available database software" and compromised the computer, but they don't know if the attack was targeted, speculating that malicious hackers possibly discovered the system by scanning for machines running vulnerable versions of the database software."
We do not know if this database is an Oracle database or an MS SQL database or another database. It more than likely wasn't but it doesn't really matter to the rest of us. This item should be a warning to all those who run Oracle databases, even if this issue was not involving Oracle. Any database that is exposed to the Internet or even a wide area network and if that database has not been patched then it is vulnerable to this sort of attack.
Hackers are out there writing scripts to find vulnerable databases with known vulnerabilities. Do not let them get yours.