Despite assertions that Oracle has not been impacted by the breach, threat actor "rose87168" discovered by CloudSEK researchers to have targeted the firm's production SSO endpoint "login.us2.oraclecloud.com," which was later leveraged to pilfer over 140,000 tenants' records. Such a domain was also leveraged to allow API request authentication, according to CloudSEK, which also validated the stolen customer domain names that rose87168 posted as samples. Oracle's immediate repudiation of the breach claims has already been questioned by cybersecurity experts, including Deepwatch Chief Information Security Officer Chad Cragle and Fenix co-founder and CISO Heath Renfrow. "Dismissing the incident without addressing this key detail raises more questions than answers. If Oracle wants to maintain credibility, the company must clarify how the file ended up there, whether any security gaps were exploited, and why the subdomain was taken down," said Cragle.
Major Connecticut-based nonprofit healthcare network Yale New Haven Health has confirmed having data from more than 5.5 million individuals compromised following a network intrusion last month, making the incident the largest health data breach so far this year, The Register reports.
More than 91.3 million individuals across the U.S. have been impacted by data breaches during the first quarter of 2025, which is 26% higher than the same period last year, even though breach incidents slightly declined year-over-year, according to Infosecurity Magazine.
Kelly Benefits, a Maryland-based benefits administration and payroll solutions provider, has confirmed that almost 264,000 individuals served by its customers Amergis, CareFirst, Beam Benefits, Intercon Truck of Baltimore, Beltway Companies, The Guardian Life Insurance Company of America, Transforming Lives, and Publications Circulation Fulfilment had their data compromised following a cyberattack in December, SecurityWeek reports.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
