Nissan Employee Data Compromised in Oracle PeopleSoft Attack – Veri Sızıntısı

Nissan Employee Data Breached in Oracle PeopleSoft Hack

Automotive giant Nissan has confirmed that sensitive data of its current and former employees was breached in a cyberattack targeting a zero-day vulnerability in Oracle PeopleSoft software. The ShinyHunters group is believed to be behind the attack.

The Nissan logo overlaid on a cybersecurity concept graphic representing the data breach in the Oracle PeopleSoft system.

What Happened

Nissan, one of the giants of the automotive industry, has announced it has fallen victim to a large-scale cyberattack. The company's American operations, Nissan Americas, confirmed in an official filing with the California Attorney General that it experienced a data breach. The breach originated from a previously unknown vulnerability in the Oracle PeopleSoft platform, which the company uses to manage employee information. This incident is seen as part of a major attack wave believed to have affected more than one hundred organizations worldwide that use PeopleSoft.

Nissan suspects that the attackers infiltrated its systems and may have accessed a significant amount of data. In a statement, the company said it immediately launched an investigation after discovering the incident and is working with cybersecurity experts to secure its systems. However, details such as when the attack began and how long it lasted have not yet been shared with the public. This breach adds another incident to Nissan's list of cybersecurity challenges in recent years. Previously, in April, the Everest ransomware group claimed to have stolen Nissan customer data.

Data Compromised

Although the investigation is ongoing, Nissan's initial findings paint a concerning picture. The attackers are believed to have accessed highly sensitive personal and financial information belonging to the company's current and former employees. The data presumed to be stolen includes:

  • Social Security Numbers (SSNs): One of the most critical pieces of data for identity theft.
  • Bank Account Information: Payroll and payment details that pose a direct risk of financial fraud.
  • Financial and Tax Data: Employees' tax filings and other financial records.

The theft of such data exposes employees to very serious risks, including identity theft, draining of bank accounts, fraudulent loans being taken out in their names, and tax fraud. The company is continuing its efforts to determine the full scope of the compromised data types.

How the Attack Occurred

According to Nissan's statement, the attack was carried out using a "zero-day" vulnerability in Oracle's widely used human resources software, PeopleSoft. Zero-day vulnerabilities are flaws unknown to the software developer or for which a patch has not yet been released, giving cybercriminals a significant advantage in infiltrating systems.

This specific vulnerability is being tracked as CVE-2026-35273. The attackers exploited this flaw to gain access to Nissan's human resources database. The cyber-extortion gang known as ShinyHunters, notorious for targeting many large corporations in the past, is believed to be behind this campaign. Interestingly, however, at the time of this writing, Nissan was not yet listed on ShinyHunters' leak site. No other technical details of the attack have been disclosed at this time.

Who Is Affected

The data breach affects a wide range of individuals working in Nissan's operations across the Americas. According to the company's notification, the data of current and former employees in the following countries is at risk:

  • United States
  • Canada
  • Mexico
  • Brazil

However, this attack is not limited to Nissan. ShinyHunters' Oracle PeopleSoft campaign is alleged to have targeted more than 100 organizations. The education sector, in particular, is reported to be heavily impacted. Other victims that have been publicly identified or have confirmed the attack include institutions like the University of Nottingham, the National Association of Insurance Commissioners (NAIC), Illinois Central College, and Moody Bible Institute. This highlights the widespread and sophisticated nature of the attack.

What You Can Do

If you are a current or former Nissan employee and are concerned that your data may have been compromised, it is critical to take immediate action. Here are the steps you can take:

  • Check Your Credit Reports: Request your free credit reports from the major credit bureaus (Equifax, Experian, TransUnion) and check for any suspicious accounts or loans opened in your name. Consider placing a fraud alert on your file.
  • Monitor Your Bank Accounts: Regularly review your bank and credit card statements. Contact your bank immediately if you see any transactions you don't recognize.
  • Be Vigilant Against Tax Fraud: Attackers can use your tax information to file fraudulent tax returns in your name. Be wary of any unexpected notices from tax authorities.
  • Watch Out for Phishing Attacks: Your stolen information can be used to create highly convincing phishing emails or messages. Never respond to suspicious communications asking for personal information or passwords.
  • Follow Nissan's Official Communications: The company will likely provide information to employees affected by the breach. Follow official channels to see if they will offer support, such as credit monitoring services.

What the Company Is Saying

Nissan Americas officially acknowledged the situation in its data breach notification filed with the California Attorney General. The company confirmed its use of the Oracle PeopleSoft system for payroll, tax administration, and other employee records. The statement noted that they learned they were one of the victims of the campaign targeting the CVE-2026-35273 vulnerability. Nissan emphasized that the investigation is ongoing and that they are taking the necessary steps to inform affected individuals. The company is presumably reviewing its security measures to prevent similar incidents in the future.

Source

https://www.securityweek.com/nissan-employee-data-breached-in-oracle-peoplesoft-hack/

This content was generated with AI assistance through our Argus Flow application. We are continuously working to improve Argus Flow; if you encounter any issues such as translation errors, incorrect sources, or unverified information, you can report them using the button below. We appreciate your feedback.

Weekly Newsletter

Curated data breach news delivered to your inbox every week.