A security breach involving Oracle Cloud has exposed sensitive records from over 140,000 enterprise customers due to a vulnerability in Oracle Access Manager. Discovered by CloudSEK's XVigil team, the breach resulted in the theft of six million records, including critical security components like Java KeyStore files and encrypted passwords. The perpetrator, operating under the alias "rose87168," is selling the stolen data on underground forums and demanding ransom payments from affected organizations. While Oracle denies that customer data was compromised, the investigation indicates that the compromised server had not been updated in over a decade, highlighting significant security risks associated with known vulnerabilities. This breach has initiated an extortion campaign, presenting financial and ethical challenges for the impacted companies.

Oracle Cloud Hit by Major Security Breach Exposing 140,000 Customers' Data CSO Online

RWJBarnabas Health has initiated a program in New Jersey to provide free transportation to underserved patients through a partnership with Uber Health, addressing significant barriers to accessing healthcare. Launched in November 2023 with $25 million in state funding, the service started at Newark Beth Israel Medical Center and has since grown to include five more facilities within the RWJBarnabas network, now supported by an additional $50 million. By February 2025, the program had facilitated over 47,440 rides, effectively reducing missed appointments and enhancing access to medications and food resources, which is particularly crucial in an area where many households lack reliable transportation.

RWJBarnabas Health Teams Up with Uber to Eliminate Patient Transportation Barriers nj.com

The White House has initiated a shift in cybersecurity responsibilities, as President Donald Trump signed an executive order transferring management from the federal government to state and local agencies. This change aims to enhance state capabilities in managing infrastructure risks, particularly regarding cyberattacks. However, it comes amid federal budget cuts to cybersecurity support, raising concerns about states' ability to cope with growing threats. Experts warn that the reduction of federal services may lead to inconsistencies in cybersecurity readiness, particularly affecting local governments and educational institutions that often lack sufficient resources.

White House Shifts Cybersecurity Burden to States Amid Federal Cuts BankInfoSecurity

Organizations leveraging artificial intelligence in cloud environments are frequently risking their cybersecurity by making significant configuration errors. A Tenable report reveals that 91% of those surveyed had deployed Amazon SageMaker with root access enabled by default, posing serious risks if compromised, as root access can allow manipulation of critical systems. The report highlights the trend of excessive permissions and public exposure as significant vulnerabilities, alongside the "Jenga concept" where each service inherits risks from others, leading to potential cascading failures. To mitigate these risks, organizations need to proactively reassess their security settings rather than relying on default configurations.

AI in Cloud: Critical Cybersecurity Flaws Leave Organizations Vulnerable Dark Reading

A security breach involving Oracle Cloud has exposed sensitive records from over 140,000 enterprise customers due to a vulnerability in Oracle Access Manager. Discovered by CloudSEK's XVigil team, the breach resulted in the theft of six million records, including critical security components like Java KeyStore files and encrypted passwords. The perpetrator, operating under the alias "rose87168," is selling the stolen data on underground forums and demanding ransom payments from affected organizations. While Oracle denies that customer data was compromised, the investigation indicates that the compromised server had not been updated in over a decade, highlighting significant security risks associated with known vulnerabilities. This breach has initiated an extortion campaign, presenting financial and ethical challenges for the impacted companies.

Oracle Cloud Hit by Major Security Breach Exposing 140,000 Customers' Data CSO Online

RWJBarnabas Health has initiated a program in New Jersey to provide free transportation to underserved patients through a partnership with Uber Health, addressing significant barriers to accessing healthcare. Launched in November 2023 with $25 million in state funding, the service started at Newark Beth Israel Medical Center and has since grown to include five more facilities within the RWJBarnabas network, now supported by an additional $50 million. By February 2025, the program had facilitated over 47,440 rides, effectively reducing missed appointments and enhancing access to medications and food resources, which is particularly crucial in an area where many households lack reliable transportation.

RWJBarnabas Health Teams Up with Uber to Eliminate Patient Transportation Barriers nj.com

The White House has initiated a shift in cybersecurity responsibilities, as President Donald Trump signed an executive order transferring management from the federal government to state and local agencies. This change aims to enhance state capabilities in managing infrastructure risks, particularly regarding cyberattacks. However, it comes amid federal budget cuts to cybersecurity support, raising concerns about states' ability to cope with growing threats. Experts warn that the reduction of federal services may lead to inconsistencies in cybersecurity readiness, particularly affecting local governments and educational institutions that often lack sufficient resources.

White House Shifts Cybersecurity Burden to States Amid Federal Cuts BankInfoSecurity

Organizations leveraging artificial intelligence in cloud environments are frequently risking their cybersecurity by making significant configuration errors. A Tenable report reveals that 91% of those surveyed had deployed Amazon SageMaker with root access enabled by default, posing serious risks if compromised, as root access can allow manipulation of critical systems. The report highlights the trend of excessive permissions and public exposure as significant vulnerabilities, alongside the "Jenga concept" where each service inherits risks from others, leading to potential cascading failures. To mitigate these risks, organizations need to proactively reassess their security settings rather than relying on default configurations.

AI in Cloud: Critical Cybersecurity Flaws Leave Organizations Vulnerable Dark Reading