1. Forum
  2. FidoNet
  3. CONSPRCY

  • Oracle admits second majo

    From Mike Powell@1:2320/105 to All on Thu Apr 3 10:14:00 2025
    Oracle admits second major security breach, user login data stolen

    Date:
    Thu, 03 Apr 2025 10:52:00 +0000

    Description:
    Oracle says breach only affects old data, but some reports disagree.

    FULL STORY

    Oracle has apparently suffered its second cyberattack in a month, but the company is downplaying its importance.

    A Bloomberg report citing two people familiar with the matter has claimed Oracle told some of its customers a threat actor compromised its IT infrastructure and stole client login credentials.

    At the same time, Reuters is reporting that an unidentified threat actor
    tried to sell the stolen data on the dark web, claiming to have stolen it
    from Oracles Austin, Texas premises.

    Old data

    Bloomberg also reported that Oracle told some of its clients that the FBI
    was notified, and that CrowdStrike was brought in to investigate.
    Furthermore, the clients were notified that this is not the same incident
    that s truck healthcare customers in March 2025 . Finally, the attacker also tried to extort Oracle for the stolen data.

    Oracle has hinted that the data isnt that relevant, however, claiming that
    the compromised system was not used for eight years. Therefore, the
    conclusion is that the data found there is outdated and poses little risk.

    However, there were Oracle customer login credentials from as recently as
    2024.

    We would say that leaked login data is always a problem, regardless of if its ten years, or ten days old. Besides, many organizations never change their login credentials, or reuse the same passwords across a myriad of other services, in which case such a database could prove a gold mine for
    brute-force or credential stuffing attacks.

    At press time, Oracle has not yet addressed the media reports, but we have contacted the company for comment.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/oracle-admits-second-major-security-bre ach-user-login-data-stolen

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)