TZUTC: -0500   
   MSGID: 852.consprcy@1:2320/105 2c53e001   
   PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0   
   TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   Oracle admits second major security breach, user login data stolen   
      
   Date:   
   Thu, 03 Apr 2025 10:52:00 +0000   
      
   Description:   
   Oracle says breach only affects old data, but some reports disagree.   
      
   FULL STORY   
      
   Oracle has apparently suffered its second cyberattack in a month, but the   
   company is downplaying its importance.    
      
   A Bloomberg report citing two people familiar with the matter has claimed   
   Oracle told some of its customers a threat actor compromised its IT   
   infrastructure and stole client login credentials.    
      
   At the same time, Reuters is reporting that an unidentified threat actor    
   tried to sell the stolen data on the dark web, claiming to have stolen it    
   from Oracles Austin, Texas premises.    
      
   Old data    
      
    Bloomberg also reported that Oracle told some of its clients that the FBI    
   was notified, and that CrowdStrike was brought in to investigate.    
   Furthermore, the clients were notified that this is not the same incident    
   that s truck healthcare customers in March 2025 . Finally, the attacker also   
   tried to extort Oracle for the stolen data.    
      
   Oracle has hinted that the data isnt that relevant, however, claiming that    
   the compromised system was not used for eight years. Therefore, the    
   conclusion is that the data found there is outdated and poses little risk.    
      
   However, there were Oracle customer login credentials from as recently as   
   2024.    
      
   We would say that leaked login data is always a problem, regardless of if its   
   ten years, or ten days old. Besides, many organizations never change their   
   login credentials, or reuse the same passwords across a myriad of other   
   services, in which case such a database could prove a gold mine for   
   brute-force or credential stuffing attacks.    
      
   At press time, Oracle has not yet addressed the media reports, but we have   
   contacted the company for comment.   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/oracle-admits-second-major-security-bre   
   ach-user-login-data-stolen   
      
   $$   
   --- SBBSecho 3.20-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/305 153/7715 154/110 218/700 226/30   
   SEEN-BY: 227/114 229/110 111 114 206 300 307 317 400 426 428 470 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 3634/12 5075/35   
   PATH: 2320/105 229/426