INSPECTING ARCHIVED INTELLIGENCE (OUTDATED VERSION).
Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day Exploit
| 2026-06-30 16:00 CRITICAL LOWExecutive Summary AI-generated
The breach of Nissan's employee database is a critical incident that has exposed sensitive personal data, including national identification numbers and dependent or beneficiary information. The attack occurred after an unknown vulnerability in Oracle PeopleSoft software was exploited by threat actors to gain unauthorized access to the company's payroll and HR systems. This breach may have affected hundreds of companies across multiple countries, including the US, Canada, Mexico, and Brazil. Nissan has disclosed that current and former employees' sensitive personal data may have been stolen, which could lead to a mass-casualty event in the industry. The incident highlights the importance of robust cybersecurity measures and employee awareness programs to prevent similar breaches from occurring in the future.
Technical Mitigations AI-generated
* Implement a robust security framework that includes multi-factor authentication (MFA), secure password management, and regular software updates to prevent exploitation of known vulnerabilities like CVE-2026-35273.
* Conduct thorough vulnerability assessments and penetration testing to identify potential entry points for attackers before they can exploit the zero-day flaw in Oracle's PeopleSoft software.
* Use a secure communication protocol, such as Transport Layer Security (TLS), when transmitting sensitive data between systems and networks to prevent eavesdropping and tampering.
* Regularly monitor network traffic and system logs for signs of suspicious activity or unauthorized access attempts to detect potential breaches and respond quickly in case of an incident.
AI Podcast (EN) detail_available
detail_listen_ai (EN)
Intelligence Metadata
Actors / Malware / CVEs / Campaigns
Campaign
NissanCampaign
Nissan
CVE-2026-35273CVE-2026-35273
Target & Sectors
NORTH_AMERICA
NORTH_AMERICA
educationeducation
Incident Timeline
June 26
Nissan disclosed that Oracle warned it of a cyber event on June 26.
May 27 and June 9
Nissan disclosed the employee data breach on May 27 and June 9.
between May 27 and June 9
Threat actors exploited the Oracle PeopleSoft CVE-2026-35273 vulnerability.
Click on any entity below to view its context and source!
vulnerability
CVE-2026-35273
While Oracle has still not publicly confirmed that the flaw was exploited,
Mandiant later confirmed
that threat actors exploited the Oracle PeopleSoft CVE-2026-35273 vulnerability as a zero-day in data theft attacks between May 27 and June 9.
2026/06/30
Oracle zero-day flaw exploited by ShinyHunters in PeopleSoft servers.
Click on any entity below to view its context and source!
organisation
Nissan Discloses Employee Data
Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day.
organisation
Oracle Zero-Day
Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day.
organisation
Nissan
Nissan discloses employee data breach linked to Oracle zero-day attacks.
Nissan has disclosed that current and former employees may have had sensitive personal data stolen, including Social Security numbers, banking details and tax records, after attackers exploited a zero-day flaw in Oracle's PeopleSoft software.
organisation
ShinyHunters
Nissan is warning that it suffered a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group.
The wider campaign has been linked to the ShinyHunters extortion group, which claimed to have hit more than 100 organizations, mostly universities.
organisation
Oracle PeopleSoft
Nissan is warning that it suffered a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group.
Caught in a Mass PeopleSoft Campaign
Nissan described the entry point only as an unknown vulnerability in Oracle PeopleSoft, the enterprise software it uses to run payroll and HR.
victims
100 organizations
The wider campaign has been linked to the ShinyHunters extortion group, which claimed to have hit more than 100 organizations, mostly universities.
The ShinyHunters extortion gang claimed responsibility for the attacks, telling BleepingComputer that over 300 PeopleSoft instances across 100 organizations were breached.
These attacks primarily impacted organizations in the education sector, and Mandiant said it notified over 100 organizations, confirming the information previously shared by ShinyHunters.
organisation
PeopleSoft
The ShinyHunters extortion gang claimed responsibility for the attacks, telling BleepingComputer that over 300 PeopleSoft instances across 100 organizations were breached.
Nissan has disclosed that current and former employees may have had sensitive personal data stolen, including Social Security numbers, banking details and tax records, after attackers exploited a zero-day flaw in Oracle's PeopleSoft software.
organisation
Mandiant
These attacks primarily impacted organizations in the education sector, and Mandiant said it notified over 100 organizations, confirming the information previously shared by ShinyHunters.
organisation
MFA
It urged employees to watch for phishing, change reused passwords and enable multi-factor authentication (MFA).
organisation
Oracle PeopleSoft PeopleTools
Soon after, Oracle disclosed a critical vulnerability in Oracle PeopleSoft PeopleTools, tracked as
CVE-2026-35273
, and
released emergency mitigations
.
organisation
Social Security
Nissan has disclosed that current and former employees may have had sensitive personal data stolen, including Social Security numbers, banking details and tax records, after attackers exploited a zero-day flaw in Oracle's PeopleSoft software.
"
Nissan says it is still in the early stages of the investigation and has not yet determined the full impact of the breach, but believes attackers accessed personal information that may include employee contact information, banking information, Social Security numbers, Social Insurance Numbers, National Identification Numbers, financial and tax information, and dependent and beneficiary information.
organisation
Oracle
Nissan has disclosed that current and former employees may have had sensitive personal data stolen, including Social Security numbers, banking details and tax records, after attackers exploited a zero-day flaw in Oracle's PeopleSoft software.
In breach notifications filed with the California Attorney General's Office, Oracle says these data theft attacks impacted hundreds of companies and that Nissan was specifically targeted in the campaign.
organisation
Social Insurance Numbers,
"
Nissan says it is still in the early stages of the investigation and has not yet determined the full impact of the breach, but believes attackers accessed personal information that may include employee contact information, banking information, Social Security numbers, Social Insurance Numbers, National Identification Numbers, financial and tax information, and dependent and beneficiary information.
organisation
CTO
Simon Pamplin, CTO at data security firm Certes, called it "a mass-casualty event across hundreds of unrelated organizations," warning that patching the flaw does nothing for data already taken during the exploitation window.
organisation
Luthfi Syahwal / Shutterstock.com
Image credit: Luthfi Syahwal / Shutterstock.com
data_breach
280 data records
ShinyHunters recently targeted the education sector in a separate
cyberattack on Instructure Canvas
, stealing 280 million data records from students, teachers, and staff.
organisation
Nottingham University
Since then, ShinyHunters has begun leaking data stolen in these attacks on its data leak site, including for the
Nottingham University
and
the National Association of Insurance Commissioners (NAIC)
.
organisation
NAIC
Since then, ShinyHunters has begun leaking data stolen in these attacks on its data leak site, including for the
Nottingham University
and
the National Association of Insurance Commissioners (NAIC)
.
organisation
Nissan Americas
"Nissan Americas uses Oracle PeopleSoft software to manage employee information, including payroll, tax administration, and other personnel records," reads the
breach notifications
.
organisation
BleepingComputer
Linked to ShinyHunters PeopleSoft zero-day attacks
The disclosure is believed to stem from the widespread exploitation of Oracle PeopleSoft servers
first reported by BleepingComputer
earlier this month.
organisation
EDR
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
Tactical Metrics
Metrics
victims
100
Organizations
Click for context!
The wider campaign has been linked to the ShinyHunters extortion group, which claimed to have hit more than 100 organizations, mostly universities.
These attacks primarily impacted organizations in the education sector, and Mandiant said it notified over 100 organizations, confirming the information previously shared by ShinyHunters.
The ShinyHunters extortion gang claimed responsibility for the attacks, telling BleepingComputer that over 300 PeopleSoft instances across 100 organizations were breached.
Metrics
data_breach
280,000,000
Data Records
ShinyHunters recently targeted the education sector in a separate
cyberattack on Instructure Canvas
, stealing 280 million data records from students, teachers, and staff.
Intelligence Sources
BleepingComputer
2026-06-29
Infosecurity-Magazine
2026-06-30
Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day
Infosecurity-Magazine
Unpublish from Social Media?
Are you sure you want to delete this podcast video from all synchronized social networks (YouTube, Facebook, Threads)?
Important:
Due to Meta API restrictions, Instagram Reels cannot be deleted automatically via API by third-party apps.
View Profile to Delete Manually
View Profile to Delete Manually
Tactical Intelligence
Report Intelligence Issue
Podcast Options
Generate
Reset / Delete
Incident Version History
CURRENT VERSION
Last Updated: 2026-07-01T06:35
Comprehensive Tactical Telemetry
Highly Correlated Entities
20x
organisation
Identified Entity
Nissan Discloses Employee Data
entity
5x
tactic
Cyber Operation Type
Data Breach
tactic
4x
source region
Origin Country
United States
country
4x
target region
Target Country
United States
country
3x
timeline
Temporal Reference
June 26
date
2x
general metric
%
54
%
Contextual Telemetry
Context Block
7 METRICS
victims
Organizations
100
organizations
campaign
Campaign
Campaign
Nissan
operation
vulnerability
Exploited CVE
CVE-2026-35273
cve
general metric
Cve-2026
35,273
cve-2026
industry
Targeted Sector
Education
sector
data breach
Data Records
280,000,000
data records
general metric
Peoplesoft Instances
300
peoplesoft instances
Click on any entity below to view its context in the main text!
Selective Unpublish
Selecciona las redes de las que quieres eliminar esta publicación. El sistema intentará borrar el post real de la API y limpiará la base de datos para que puedas volver a lanzarlo.
By navigating this website, you accept the use of strictly necessary technical cookies for session security and basic platform functionality. We do not use tracking or advertising cookies.
Read our Privacy Policy.