Hello 👋 get a brew on because these are the top 3 emerging risks between March 24th, and April 7th, 2025…

Review our report’s terminology here ↗

Our main risk this fortnight is…

1. Technological: Oracle’s biggest breach they don’t want you to know about.

• A hacker named Rose87168 claims to have breached Oracle’s identity platform, stealing over 6 million customer records including SSO credentials, OAuth2 keys, and hashed passwords, and is now extorting affected companies.

• Oracle denies, but evidence says otherwise. Despite Oracle’s public denial, independent cybersecurity firms have verified the data is real, affecting up to 144,000 companies, with credentials dated as recently as 2024.

• Why this matters: This breach represents a serious third-party risk. If you use Oracle Cloud or rely on its SSO platform, your systems and data could be compromised, even if your internal security is strong.

• What to do now:

  • Investigate if your domain or team was affected.

  • Reset all credentials and rotate any tokens/keys.

  • Enable MFA and monitor for suspicious activity.

  • Update your incident response plans to account for vendor breaches.

Sources

• Bleeping Computer - Oracle privately confirms Cloud breach to customers | Published on 2025-04-03

• Tech Spot - Oracle buried serious data breach from customers, now hacker has it up for sale | Published on 2025-04-01

You should be concerned if…

• Large enterprises using Oracle Cloud for identity or infrastructure: Especially those using Oracle Identity Cloud Service (IDCS) or Oracle Cloud Classic for Single Sign-On (SSO), authentication, or access control.

• Organisations with sensitive or regulated data: Financial institutions, healthcare providers, government agencies, and large SaaS platforms that store personally identifiable information (PII), financial records, or proprietary IP.

• Companies with global operations or remote workforces: Those relying on cloud-based authentication for distributed teams are at higher risk if compromised credentials lead to unauthorised access.

• Third-party vendors and Oracle partners: Suppliers, consultants, or service providers integrated into Oracle’s ecosystem may also have credentials or access points exposed.

• IT, security, and DevOps teams: These individuals are directly responsible for managing cloud credentials, access policies, and system monitoring - and are now on the front line of mitigating the breach fallout.

These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don’t know what they are, get in touch.

Preventative actions

• Investigate if your domain or team was affected.

• Reset all credentials and rotate any tokens/keys.

• Enable MFA and monitor for suspicious activity.

• Update your incident response plans to account for vendor breaches.

2. Technological: Fake receipts being used for fraudulent expenses.

• AI is powering a new wave of expense fraud: With tools like ChatGPT and DALL·E, anyone can now generate hyper-realistic fake receipts - complete with wrinkled textures, restaurant logos, itemised charges, and perfect maths.

• Fraud is rising fast: AI-generated receipts accounted for nearly 15% of all expense fraud in 2024 - a 300% increase in just two years. And that’s only what’s been caught.

• The risks are broad and costly: Businesses face financial losses, tax liabilities, damaged employee trust, and increased overhead trying to verify claims.

• Detection and prevention are evolving: Tools like Ramp and Veryfi can now detect AI-generated receipts using metadata and OCR, while QR code-based receipts in Europe offer a strong model for verification.

Sources

• Trustpair - The Rise of Generative AI Fraud: Risks, Realities, and Strategies for Businesses | Published on 2024-11-15

• The Economic Times - 'Still Ghibli-posting, pivot to insurance fraud': Netizens are now using ChatGPT to fake receipts and accident | Published on 2025-04-03

3. Technological: Russia floods web with millions of fake articles, targetting LLMs.

• AI is being deliberately fed disinformation: A Russian network called "Pravda" created over 3.6 million fake articles across 150+ sites in 49 countries to poison AI training data, and it’s working. Major chatbots repeated propaganda 33% of the time.

• AI poisoning is a growing global threat: Beyond Russia, China, Iran, and others are manipulating AI through censorship, fake personas, and corrupted models like PoisonGPT.

• The risks are real and serious: Businesses depending on AI face reputational damage, financial losses, and compliance issues if decisions are made using manipulated outputs.

• Action is critical: Vet your AI vendors, cross-check outputs, monitor response patterns, and train teams to question AI-generated content; your data supply chain depends on it.

Sources

• Euromaiden Press - Russian propaganda network Pravda tricks 33% of AI responses in 49 countries | Published on 2025-03-27

Want to discuss how these risks might effect your business?
Book 30 minutes with us, free ↗

Need support?

At Unbreakable Ventures, we are passionate about helping people get through disasters. That’s why our team of Advisors bring you this resource free of charge. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unreasonable Ventures to support this channel.

Book your 30min call here