Oracle was reported by Bloomberg to have admitted the theft of some customers' old credentials as a result of the compromise of an environment deprecated eight years ago following prior categorical denial of any breach after threat actor "rose87168" recently claimed stealing six million data records from Oracle Cloud's federated single sign-on servers, according to BleepingComputer.
Even though Oracle emphasized that no recent or sensitive details were affected by the incident which is already being probed by the FBI and CrowdStrike information exposed by rose87168 included text files and LDAP data from 2024 and 2025. Moreover, Oracle Cloud Classic, or Gen 1, servers were confirmed by the firm to have been targeted with attacks leveraging a 2020 Java exploit since January, which resulted in the exfiltration of Oracle Identity Manager database information, an investigation from CybelAngel revealed. Such a development comes after Oracle Health was reported to have its legacy data migration servers compromised in February, resulting in a data breach affecting various healthcare providers across the U.S.
Cybernews reports that BreachForums had its planned revival last week purportedly hindered by a zero-day intrusion against the outdated MyBB forum software used by the BreachForums[.]st site then owned by "Anastasia."
Major Connecticut-based nonprofit healthcare network Yale New Haven Health has confirmed having data from more than 5.5 million individuals compromised following a network intrusion last month, making the incident the largest health data breach so far this year, The Register reports.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
