Oracle has informed clients of a second cybersecurity breach in which a hacker stole old client log-in credentials from its systems. The stolen data, which includes credentials from as recently as 2024, is being investigated by the FBI and cybersecurity firm CrowdStrike, with the company assuring clients that the compromised system has not been in use for eight years, minimizing the risk.

A hacking group has reportedly stolen over 1 billion records from Salesforce customer databases, raising significant concerns about data security and the potential repercussions for affected companies. The breach underscores the vulnerabilities in cloud services and the ongoing threat posed by cybercriminals.

A 27-year-old former student of Western Sydney University has been arrested for allegedly hacking the university's systems to obtain cheaper parking and access confidential data, affecting hundreds of staff and students. Birdie Kingston faces 20 charges, including unauthorized access and data theft, and is accused of stealing over 100GB of data and manipulating academic records. Despite prior warnings from police, she continued her hacking activities, even threatening to sell stolen student information on the dark web.

Nippon Steel Solutions has reported a data breach caused by the exploitation of a zero-day vulnerability in their network equipment. Cybercriminals threatened to leak stolen data, but subsequently ceased communication, leaving uncertainty about the breach's details and any potential connection to other incidents.

North Korean hacking group Kimsuky has experienced a significant data breach after two ethical hackers, known as 'Saber' and 'cyb0rg,' leaked 8.9GB of the group's data, exposing their tools and stolen information. The hackers criticized Kimsuky for its politically motivated cyber activities and claimed their actions were aimed at revealing the group's unethical practices. This breach may complicate Kimsuky's operations and disrupt their ongoing campaigns, although its long-term impact remains uncertain.

Google confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) but assured that no data was accessed. The group "Scattered Lapsus$ Hunters" claimed access to both LERS and the FBI's eCheck system, raising concerns over potential impersonation and unauthorized data access. Cybersecurity experts believe the group may continue their activities despite claims of going dark.

Radiology Associates of Richmond has reported a data breach affecting over 1.4 million individuals, with hackers accessing their systems for several days in April 2024. The compromised systems contained identifiable protected health and personal information.

Matthew D. Lane, a 19-year-old college student, was sentenced to four years in prison for his role in a cyberattack on PowerSchool that led to a significant data breach affecting millions of students and teachers. He pleaded guilty to multiple charges, including unauthorized access and cyber extortion, and was ordered to pay $14 million in restitution. The attack involved stealing sensitive data and demanding a ransom, with ongoing legal scrutiny surrounding PowerSchool's security practices.

Over 624,000 individuals were notified of a data breach at Healthcare Services Group, where personal information, including Social Security numbers and financial details, was stolen. The breach occurred between September 27 and October 3, 2024, and was identified on October 7, 2024.

Coinbase reported that hackers bribed overseas support agents to steal customer data, leading to potential costs of up to $400 million. The company received a ransom demand of $20 million but has refused to pay, instead offering a reward for information on the attackers. While sensitive customer information was accessed, no passwords or funds were compromised.