Oracle denies its cloud systems were hacked. Top secret military details were sent by accident to the editor of The Atlantic magazine. And Troy Hunt, who created the site Have I Been Pwned, has, well, been pwned. This is Cybersecurity Today. I'm your host, Jim Love.
Oracle is denying claims that its cloud systems were breached after a hacker alleged they had stolen 6 million user records.
We covered this in our last episode of Cybersecurity Today. The hacker, using the alias rose87168, had posted on a dark web forum claiming they had accessed encrypted passwords, single sign-on credentials, Java KeyStore files, and other sensitive configuration data from Oracle's cloud login servers. In a public statement, Oracle said, "There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data."
The hacker reportedly demanded 100,000 Monero, a privacy-focused cryptocurrency known for being difficult to trace, in exchange for the data and instructions on how to fix the claimed vulnerability. After Oracle did not respond, the data was offered for sale. The hacker also invited companies to pay to have their employee records removed from the dataset before it was sold.
The authenticity of the stolen data has not been independently verified. Oracle continues to insist that its systems remain secure and that no customer data has been compromised. However, BleepingComputer, which first reported the story, was given a link by the hackers showing a .txt file uploaded to what appears to be Oracle's cloud servers. The outlet has asked Oracle to explain how the file was placed there without having access to the server.
As of the time we went to air, Oracle had not responded.
The Atlantic's editor in chief, Jeffrey Goldberg, said he was mistakenly added to a Signal group chat discussing classified US military strikes in Yemen. The chat included high-level members of the Trump administration and detailed targets, weapons, and timing for a bombing campaign against the Houthi militant group in Yemen.
According to Goldberg, he received the message on March 11th from someone claiming to be National Security Advisor Michael Waltz. Two days later, he was added to a group titled Houthis PC Small Group, where other users, apparently acting as US cabinet officials, began coordinating responses and designating staff contacts. Initially Goldberg suspected a hoax or foreign disinformation campaign, but the details of the message, combined with the subsequent launches of US airstrikes two hours after the group's final message, confirmed the plans were real.
And the messages named US officials, including Pete Hegseth, JD Vance, Marco Rubio, and Tulsi Gabbard, and discussed diplomatic communications, military sequences, and classified systems. Not surprisingly, the leak has caused a huge uproar. First and most obvious, although Signal is an encrypted app, it is not in any way an appropriate channel for US military secrets.
Russians and others have managed to break into Signal communications in the past. You can also add to this that it was most likely communicated on regular cell phones, as you can't install Signal on approved government communication devices. And as a third strike, at least one of the people involved in this chat may have been in Moscow at the time of the communications. In addition, to add insult to injury, they included a journalist in their discussions. It's the ultimate in sloppiness.
Fortunately, Goldberg, the Atlantic editor, declined to publish the name of the active intelligence officer who was mentioned in the chat, and he kept other top secret details confidential. Many critics have noted that if the average military officer had demonstrated this degree of carelessness with top secret records, they would've been court-martialed and possibly even jailed.
Troy Hunt, renowned information security expert and founder of Have I Been Pwned, has reported a phishing attack that compromised his MailChimp account, leading to the exposure of approximately 16,000 email subscribers' information. The breach affected both active subscribers and around 7,500 individuals who had previously unsubscribed. Hunt expressed frustration over MailChimp's retention of unsubscribed users' data and is investigating whether this was due to a configuration issue on his part.
Hunt noted that he was jet-lagged when he got the phishing email, which was crafted to create a sense of urgency, prompting him to log into a fraudulent page where he entered his credentials and a one-time passcode. He did realize the deception moments later, but when he attempted to secure his account, in those few minutes the mailing list had already been exported. The automated attack was executed within minutes.
Hunt highlighted the limitations of traditional two-factor authentication methods, noting that MailChimp does not support phishing-resistant options like hardware security keys or passkeys. He emphasized that while two-factor authentication via one-time passcodes offers some security, it remains vulnerable to automated phishing attacks that can relay these codes in real time.
Hunt also expressed his frustration at Outlook's iOS app, which put the email sender name as MailChimp Account Services and hid the domain, HR at group dash f be, that would've given it away as a fake.
Now, while we can parse this in hindsight and we can look for the things that Hunt should have caught, the real lesson is that if someone this well-trained can fall victim to a phishing attack, all of us are vulnerable. We also have to give Hunt full credit for blogging about this immediately, providing screenshots and a full disclosure. That can't have been an easy thing to do, and for full disclosure, although I try to be absolutely careful, I've been fooled as well.
I almost clicked on a link last week when my wife, who has no interest at all in tech and security, asked if I was nuts, telling me this link was obviously a fake. And I smiled, because somebody who I'd made aware of security issues had learned enough to stop me from making a mistake. The moral: stay humble. We all make mistakes. Stay open. Talk to people about them when you make them.
And let's remember that the difference between whether a user is the weakest link or another layer of protection doesn't depend on them totally, but on how well we communicate and, given my earlier story, the examples we set with our own behavior.
And that's our show. I'm your host, Jim Love. Thanks for listening.