Nissan discloses employee data breach tied to Oracle PeopleSoft vulnerability

AI-Generated Summary

3 sources

20 hours ago

1 views

Nissan discloses employee data breach tied to Oracle PeopleSoft vulnerability

Key Points

Nissan discloses a data breach affecting current and former employees.
The breach involves exploitation of an Oracle PeopleSoft vulnerability described as a zero-day.
The attack is linked to a PeopleSoft campaign previously associated with ShinyHunters extortion activity.
Multiple outlets report that only a handful of organizations targeted in the broader campaign are confirmed publicly.
The reporting centers on employee data theft rather than other data categories.

Nissan has disclosed that threat actors accessed and stole employee data affecting current and former employees, following exploitation of a vulnerability in Oracle PeopleSoft. Multiple outlets report that the incident is connected to a broader PeopleSoft attack campaign that previously involved extortion activity associated with the ShinyHunters group. The breaches are described as using an Oracle PeopleSoft zero-day, with attackers leveraging the flaw to obtain data.

While the PeopleSoft campaign involved a larger number of organizations, sources note that only a limited set of victims have been publicly confirmed so far. Nissan’s disclosure centers on the impact to individuals employed by the company, rather than the theft of customer or other categories of data. The reporting aligns on the general method—exploitation of the Oracle PeopleSoft vulnerability—and on the broader context linking the attacks to earlier reporting about ShinyHunters-linked activity. Details such as the specific data elements taken, the timeline of compromise, and the extent of exposure are not fully expanded across the provided summaries. The disclosures emphasize the continued fallout from the Oracle zero-day PeopleSoft exploitation campaign and its reach across multiple organizations.

How Outlets Covered This Story

INF

Infosecurity Magazine

Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day

Nissan says employees' data was stolen via the Oracle PeopleSoft zero-day campaign

2 hours ago

SEC

SecurityWeek

Nissan Employee Data Breached in Oracle PeopleSoft Hack

Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed. The post Nissan Employee Data Breached in Oracle PeopleSoft Hack appeared first on SecurityWeek.

9 hours ago

BLE

Bleeping Computer

Nissan discloses employee data breach linked to Oracle zero-day attacks

Nissan is warning that it suffered a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group. [...]

22 hours ago

We use cookies

This website uses cookies in order to enhance the overall user experience.

Take a look at our Cookies Policy for more information.

Nissan discloses employee data breach tied to Oracle PeopleSoft vulnerability

BIS warns AI investment boom could unwind quickly, disrupting credit markets and equities

Motorola Edge 70 Max certified for Qi2 25W magnetic wireless charging

Developer Builds Self-Verifying, Self-Healing AI Rule System Using Transcript Markers