Nissan Reveals Extensive Employee Data Breach Linked to Widespread Oracle Zero-Day Attacks
In a disturbing reminder of the ongoing cyber threat landscape, Nissan has disclosed that it suffered a significant data breach affecting current and former employees. The breach is believed to be linked to widespread attacks on Oracle PeopleSoft servers, which exploited a previously unknown vulnerability in the software.
According to breach notifications filed with the California Attorney General’s Office, Nissan was specifically targeted by threat actors who exploited an Oracle PeopleSoft vulnerability to steal sensitive employee data. The affected information includes personal contact details, banking information, Social Security numbers, and financial data. The incident is believed to impact employees in the United States, Canada, Mexico, and Brazil.
Oracle has informed Nissan that hundreds of companies may have been impacted by these data theft attacks, which were previously linked to the ShinyHunters extortion group. ShinyHunters has a history of targeting cloud-based environments, including Salesforce and Snowflake, as well as third-party integration partners. The group’s modus operandi involves exploiting zero-day vulnerabilities in software applications to gain unauthorized access to sensitive data.
The disclosure comes on the heels of widespread reports of Oracle PeopleSoft servers being hacked using a zero-day vulnerability tracked as CVE-2026-35273. Mandiant confirmed that threat actors exploited this flaw in data theft attacks between May 27 and June 9, primarily impacting organizations in the education sector. ShinyHunters has since leaked stolen data on its website, including for high-profile targets such as Nottingham University and the National Association of Insurance Commissioners (NAIC).
Nissan’s incident response efforts are still in their early stages, but the company has taken steps to secure affected systems and prevent further unauthorized access. As a precautionary measure, Nissan is restricting access to employee pay slips and direct deposit changes to its internal network or secured VPN connections while implementing additional identity verification measures.
While the full impact of the breach remains uncertain, it serves as a stark reminder of the importance of robust cybersecurity defenses in today’s digital landscape. With threat actors constantly evolving their tactics, organizations must stay vigilant and proactive in detecting and responding to potential security incidents.
As a practical takeaway for our readers, we recommend that all organizations prioritize regular penetration testing and vulnerability assessments to identify weaknesses before attackers can exploit them. By staying ahead of the threat curve, you can reduce your organization’s risk profile and prevent costly data breaches like Nissan’s from occurring in the first place.
Source: Bleeping Computer — 2026-06-29