An anonymous reader shares a report: Oracle has told customers that a hacker broke into a computer system and stole old client log-in credentials, according to two people familiar with the matter. It's the second cybersecurity breach that the software company has acknowledged to clients in the last month. Oracle staff informed some clients this week that the attacker gained access to usernames, passkeys and encrypted passwords, according to the people, who spoke on condition that they not be identified because they're not authorized to discuss the matter. Oracle also told them that the FBI and cybersecurity firm CrowdStrike are investigating the incident, according to the people, who added that the attacker sought an extortion payment from the company. Oracle told customers that the intrusion is separate from another hack that the company flagged to some health-care customers last month, the people said.

Read more of this story at Slashdot.

A breach of legacy Cerner servers at Oracle Health exposed patient data from multiple U.S. hospitals and healthcare organizations, with threat actors using compromised customer credentials to steal the data before it had been migrated to Oracle Cloud. Despite confirming the breach privately, Oracle Health has yet to publicly acknowledge the incident. BleepingComputer reports: Oracle Health, formerly known as Cerner, is a healthcare software-as-a-service (SaaS) company offering Electronic Health Records (EHR) and business operations systems to hospitals and healthcare organizations. After being acquired by Oracle in 2022, Cerner was merged into Oracle Health, with its systems migrated to Oracle Cloud. In a notice sent to impacted customers and seen by BleepingComputer, Oracle Health said it became aware of a breach of legacy Cerner data migration servers on February 20, 2025. "We are writing to inform you that, on or around February 20, 2025, we became aware of a cybersecurity event involving unauthorized access to some amount of your Cerner data that was on an old legacy server not yet migrated to the Oracle Cloud," reads a notification sent to impacted Oracle Health customers. Oracle says that the threat actor used compromised customer credentials to breach the servers sometime after January 22, 2025, and copied data to a remote server. This stolen data "may" have included patient information from electronic health records. However, multiple sources told BleepingComputer that it was confirmed that patient data was stolen during the attack. Oracle Health is also telling hospitals that they will not notify patients directly and that it is their responsibility to determine if the stolen data violates HIPAA laws and whether they are required to send notifications. However, the company says they will help identify impacted individuals and provide templates to help with notifications.

Read more of this story at Slashdot.

Oracle co-founder and chairman Larry Ellison said governments should consolidate all national data for consumption by AI models, calling this step the "missing link" for them to take full advantage of the technology. From a report: Fragmented sets of data about a population's health, agriculture, infrastructure, procurement and borders should be unified into a single, secure database that can be accessed by AI models, Ellison said in an on-stage interview with former British Prime Minister Tony Blair at the World Government Summit in Dubai. Countries with rich population data sets, such as the UK and United Arab Emirates, could cut costs and improve public services, particularly health care, with this approach, Ellison said. Upgrading government digital infrastructure could also help identify wastage and fraud, Ellison said. IT systems used by the US government are so primitive that it makes it difficult to identify "vast amounts of fraud," he added, pointing to efforts by Elon Musk's team at the Department of Government Efficiency to weed it out.

Read more of this story at Slashdot.