Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

Nissan Employee Data Breached in Oracle PeopleSoft Hack

0
Medium
Vulnerability
Published: 06/30/2026 (06/30/2026, 09:25:50 UTC)
Source: SecurityWeek

Description

Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed. The post Nissan Employee Data Breached in Oracle PeopleSoft Hack appeared first on SecurityWeek .

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 06/30/2026, 09:51:34 UTC

Technical Analysis

A zero-day vulnerability identified as CVE-2026-35273 in Oracle PeopleSoft was exploited in a widespread campaign targeting over 100 organizations, including Nissan Americas. This campaign, attributed to the ShinyHunters extortion group, led to unauthorized access and potential theft of sensitive employee data such as social security numbers, banking, financial, and tax information. Nissan uses Oracle PeopleSoft for employee management and confirmed the breach via a notification to the California Attorney General. The attack affected multiple countries in North and South America. While other victims include educational institutions and insurance organizations, Nissan is not currently listed on the attackers' victim site. No official patch or remediation guidance has been disclosed.

Potential Impact

The breach potentially exposed sensitive personal and financial information of Nissan employees and former employees across multiple countries (US, Canada, Mexico, Brazil). This exposure increases the risk of identity theft, financial fraud, and privacy violations. The campaign also targeted numerous other organizations, indicating a broad impact on Oracle PeopleSoft customers. The involvement of a known extortion group suggests a risk of data being used for extortion or further criminal activity.

Mitigation Recommendations

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Organizations using Oracle PeopleSoft should monitor official Oracle communications for patches addressing CVE-2026-35273. Until a patch is available, consider applying any recommended temporary mitigations from Oracle. Review access logs and audit trails for suspicious activity related to PeopleSoft systems. Coordinate with legal and compliance teams regarding breach notifications and regulatory requirements.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Article Source
{"url":"https://www.securityweek.com/nissan-employee-data-breached-in-oracle-peoplesoft-hack/","fetched":true,"fetchedAt":"2026-06-30T09:51:27.167Z","wordCount":961}

Threat ID: 6a43919f27e9c797198654b0

Added to database: 06/30/2026, 09:51:27 UTC

Last enriched: 06/30/2026, 09:51:34 UTC

Last updated: 07/01/2026, 02:18:42 UTC

Views: 8

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses