breach

Oracle Says “obsolete Servers” Hacked, Denies Cloud Breach

Oracle confirmed hacking of “obsolete servers,” denying any impact on its cloud services or customer data. Hackers accessed and leaked user credentials from outdated infrastructure, asserting no usability of exposed passwords. Cybersecurity experts question Oracle's terminology, suggesting the breach pertains to legacy systems still managed by the company, which has not clarified server specifics. Recent breaches include compromised patient data from Oracle Health.

https://www.bleepingcomputer.com/news/security/oracle-says-obsolete-servers-hacked-denies-cloud-breach/

Oracle Privately Confirms Cloud Breach to Customers

Oracle confirmed to customers a breach involving the theft of old client credentials from a legacy system last used in 2017. Despite Oracle's claim that the data isn't sensitive, it appears the attacker accessed more current data and sold it online. Investigations are ongoing with the FBI and CrowdStrike. Additional data breaches at Oracle Health impacted U.S. healthcare organizations, with extortion threats against hospitals for acquired patient data. Oracle has consistently denied any breach in its current cloud services, focusing instead on older, legacy platforms.

https://www.bleepingcomputer.com/news/security/oracle-privately-confirms-cloud-breach-to-customers/

Oracle Customers Confirm Data Stolen in Alleged Cloud Breach Is Valid

Oracle Cloud faces allegations of a breach as customers confirm that stolen data—claimed to include information from 6 million accounts—are valid. The hacker, known as ‘rose87168', asserts they exploited a vulnerability to access the data and is selling it. Despite evidence, Oracle maintains there was no breach. Multiple companies verified the authenticity of the leaked info, contradicting Oracle's claims. An email exchange between the hacker and an alleged Oracle representative has surfaced, further complicating the situation. Oracle has not responded to further inquiries.

https://www.bleepingcomputer.com/news/security/oracle-customers-confirm-data-stolen-in-alleged-cloud-breach-is-valid/

Troy Hunt: Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs

TL;DR: Troy Hunt processed 1.5TB of “ALIEN TXTBASE” stealer logs, containing 23 billion rows, impacting 284 million email addresses and introducing 244 million new passwords to “Have I Been Pwned.” Enhanced querying APIs for domain owners and website operators now allow broader searches of stealer logs, aimed at identifying compromised credentials, while a total of 493 million email-password pairs have been analyzed.

https://www.troyhunt.com/processing-23-billion-rows-of-alien-txtbase-stealer-logs/

A Breach of Gravy Analytics’ Huge Trove of Location Data Threatens the Privacy of Millions

,

Gravy Analytics suffered a data breach, exposing millions' location data from various smartphone apps. The hacker leaked samples on a cybercrime forum, revealing over 30 million location points, which can track users' movements and even identify vulnerable individuals, such as those in LGBTQ+ communities. Unacast, Gravy's parent company, reported the breach to data authorities after discovering unauthorized access to its cloud data. Gravy Analytics' website is down as investigations continue, raising significant privacy concerns amid existing FTC bans on their data practices.

https://techcrunch.com/2025/01/13/gravy-analytics-data-broker-breach-trove-of-location-data-threatens-privacy-millions/

Scroll to Top