%20Abstract%20Background%20112024%20SOURCE%20Amazon.jpg)
![[The AI Show Episode 142]: ChatGPT’s New Image Generator, Studio Ghibli Craze and Backlash, Gemini 2.5, OpenAI Academy, 4o Updates, Vibe Marketing & xAI Acquires X](https://www.marketingaiinstitute.com/hubfs/ep%20142%20cover.png)
-Nintendo-Switch-2-–-Overview-trailer-00-00-10.png?width=1920&height=1920&fit=bounds&quality=80&format=jpg&auto=webp#)
_Anna_Berkut_Alamy.jpg?#)
![Pixel 9a gets early teardown: Vapor chamber, cameras, more [Video]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2025/04/Pixel-9a-teardown-1.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1){kind=tracking}
![YouTube Announces New Creation Tools for Shorts [Video]](https://www.iclarified.com/images/news/96923/96923/96923-640.jpg)
![[Weekly funding roundup March 29-April 4] Steady-state VC inflow pre-empts Trump tariff impact](https://images.yourstory.com/cs/2/220356402d6d11e9aa979329348d4c3e/WeeklyFundingRoundupNewLogo1-1739546168054.jpg)
Oracle admits second major security breach, user login data stolen
Oracle says breach only affects old data, but some reports disagree.
- Several reports claim a second Oracle data breach has occured
- User login credentials were apparently stolen
- Oracle allegedly told some customers that the data is almost a decade old
Oracle has apparently suffered its second cyberattack in a month, but the company is downplaying its importance.
A Bloomberg report citing two people familiar with the matter has claimed Oracle told some of its customers a threat actor compromised its IT infrastructure and stole client login credentials.
At the same time, Reuters is reporting that an unidentified threat actor tried to sell the stolen data on the dark web, claiming to have stolen it from Oracle’s Austin, Texas premises.
Monitor your credit score with TransUnion starting at $29.95/month
TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.
Preferred partner (What does this mean?)View Deal
Old data
Bloomberg also reported that Oracle told some of its clients that the FBI was notified, and that CrowdStrike was brought in to investigate. Furthermore, the clients were notified that this is not the same incident that struck healthcare customers in March 2025. Finally, the attacker also tried to extort Oracle for the stolen data.
Oracle has hinted that the data isn’t that relevant, however, claiming that the compromised system was not used for eight years. Therefore, the conclusion is that the data found there is outdated and poses little risk.
However, there were Oracle customer login credentials from as recently as 2024.
We would say that leaked login data is always a problem, regardless of if it’s ten years, or ten days old. Besides, many organizations never change their login credentials, or reuse the same passwords across a myriad of other services, in which case such a database could prove a gold mine for brute-force or credential stuffing attacks.
At press time, Oracle has not yet addressed the media reports, but we have contacted the company for comment.
You might also like
- We've rounded up the best password managers
- Take a look at our guide to the best authenticator app
- Palo Alto Networks gateways facing huge number of possible security attacks
