Nissan has disclosed a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group.

What Happened

The incident is believed to have occurred between May 27 and June 9, with Nissan Americas using Oracle PeopleSoft software to manage employee information, including payroll, tax administration, and other personnel records. The company has confirmed that attackers accessed sensitive employee data, including Social Security numbers, bank details, financial and tax records, and dependent and beneficiary information.

Nissan's investigation is ongoing, but the company believes the attackers may have stolen information belonging to current and former employees in the US, Canada, Mexico, and Brazil. The breach is linked to a wave of attacks exploiting a PeopleSoft zero-day vulnerability, with over 100 organizations and roughly 300 PeopleSoft instances reportedly compromised before Oracle issued mitigation measures.

Background and Context

The ShinyHunters extortion group has been linked to the campaign, which exploited a zero-day vulnerability in Oracle PeopleSoft to breach instances and steal data. The vulnerability, tracked as CVE-2026-35273, scores a 9.8 out of 10 on the CVSS severity scale, requiring no authentication or user interaction to exploit.

Nissan is not the only company affected by the breach, with hundreds of organizations impacted across various industries. The incident highlights the importance of robust security measures and regular software updates to prevent such attacks.

Why It Matters to the Industry

The data breach at Nissan serves as a reminder of the critical role that Oracle PeopleSoft plays in managing employee information for numerous companies. The vulnerability exploited by ShinyHunters underscores the need for robust security measures and regular software updates to prevent such attacks.

For adult-industry platforms and operators, this incident highlights the importance of implementing similar security measures to protect sensitive user data. With the increasing reliance on cloud-based services and software solutions, the risk of data breaches and cyberattacks continues to grow.

What Comes Next

Nissan has initiated its incident response plan, engaged external security specialists, and is cooperating with law enforcement. The company has also implemented stricter access controls for payroll information, requiring access from corporate networks or secure VPNs and adding extra identity verification steps.

The breach serves as a wake-up call for companies to review their security protocols and ensure that they are adequately protecting sensitive employee data. With the threat of cyberattacks continuing to grow, it is essential for organizations to prioritize robust security measures and regular software updates to prevent such incidents.

Key Facts

  • Nissan has disclosed a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability.
  • The incident is linked to a wave of attacks exploiting a PeopleSoft zero-day vulnerability, with over 100 organizations and roughly 300 PeopleSoft instances reportedly compromised.
  • ShinyHunters has been linked to the campaign, which exploited a zero-day vulnerability in Oracle PeopleSoft to breach instances and steal data.
  • The vulnerability, tracked as CVE-2026-35273, scores a 9.8 out of 10 on the CVSS severity scale, requiring no authentication or user interaction to exploit.
  • Nissan has implemented stricter access controls for payroll information, requiring access from corporate networks or secure VPNs and adding extra identity verification steps.