RSS

Council of Europe hacked in ShinyHunters' PeopleSoft heist

lschueller2 pts1 comments

Council of Europe hacked in ShinyHunters' PeopleSoft heist

Jump to main content

Search

REG AD

CYBER-CRIME

Council of Europe hacked in ShinyHunters' PeopleSoft heist

Joins the ranks of Nottingham Uni and 100 other unnamed victims

Jessica Lyons

Jessica<br>Lyons

Published<br>mon 15 Jun 2026 // 18:44 UTC

ShinyHunters claims to have breached the Council of Europe and stolen more than 297 GB of data after exploiting a zero-day flaw in Oracle PeopleSoft and abusing that hole to hack more than 100 organizations.<br>According to a post on the extortion crew’s data-leak site, the 429,000 pilfered files contain HR and payroll records, payslips, purchase-order records, CVs, and employees’ salary, banking, tax, and medical records.<br>A Council of Europe spokesperson told The Register that it is “currently investigating the matter and assessing the situation,” but declined to comment further.

REG AD

REG AD

A spokesperson for the cybercrime group told us that the Council is yet another victim of the Oracle PeopleSoft heist. Oracle has yet to respond to The Register’s inquiries, and it's unclear if the vulnerability, tracked as CVE-2026-35273, has been patched.<br>ShinyHunters previously told us that the gang exploited the CVE to compromise more than 100 organizations across 300 vulnerable instances, and that these victims included the University of Nottingham.<br>Last week, the crims listed the UK uni on their leak site, then dumped data belonging to around 454,600 current and former students, including personal and academic records.

MORE CONTEXT

ShinyHunters hacked 100+ orgs by exploiting an Oracle PeopleSoft 0-day

Nottingham Uni says student records raided after ShinyHunters claims cyberattack

Oxford Uni student data pwned yet again - this time via career platform breach

Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data

Meanwhile, a Google threat report published late last week noted malicious activity, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and said that its incident responders notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints."<br>Most of these are US-based organizations, and 68 percent operated within the higher education sector.<br>This latest heist follows another ShinyHunters intrusion targeting data belonging to university and K-12 students, teachers, and staff.<br>In mid-May, ed-tech giant Instructure said it “reached an agreement” - this is corporate-speak for “paid the ransom demand” - with the data theft and extortion crew after ShinyHunters breached its Canvas digital learning platform and accessed data tied to 275 million students, teachers, and staff.<br>In March, ShinyHunters claimed it stole data from K-12 software provider Infinite Campus as part of a broader wave of Salesforce-related intrusions. The ed tech company did not pay up, and the group subsequently published data they claim was stolen from Infinite Campus, including 137,000 individuals’ email addresses along with names, phone numbers, physical addresses and support tickets.

REG AD

Infinite Campus, in its data breach notification, said that the leaked files largely consisted of “names and contact information for school staff" and that “the majority is directory information commonly found on school websites.” ®

security<br>oracle peoplesoft<br>cyber-crime<br>data breach<br>shinyhunters<br>zero-day

REG AD

Virtualization

HPE offers VMware refugees a year off the meter

Free VM Essentials license and cut-price Zerto dangled at customers eyeing a platform escape

CYBER-CRIME

Council of Europe hacked in ShinyHunters' PeopleSoft heist

Joins the ranks of Nottingham Uni and 100 other unnamed victims

Europe's AI paralysis has a solution - and it starts with a semantic twin

PARTNER CONTENT: Onix's Wingspan platform promises to move enterprises from pilot purgatory to governed, enterprise-wide AI deployment in weeks, not years

DevOps

Java's Project Valhalla finally lands a preview in JDK 28

Don't hold your breath, though – architect Brian Goetz warns devs it will likely still be preview in next LTS release

PAAS AND IAAS

Graviton 5 impresses, but please, for the love of all that's holy, stop calling them 'AI chips'

AWS better at running chip fabs than their mouths

PUBLIC SECTOR

Feds snooze as US datacenter law set to lapse with no replacement in site

Federal Data Center Enhancement Act (FDCEA) of 2023 covers standards including security and sustainability

MOST POPULAR

security

GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections

Security

Angry bug hunter with Microsoft beef drops new Windows 0-day

ON-PREM

Amazon owns up to using 2.5bn gallons of H2O in its bit barns last year

Security

Signal says UK plan to scan devices for nude images 'endangers us all'

SECURITY

Every employee’s password was stored in a single Excel file

EVENTS

Thriving Through Volatility: The...

data shinyhunters peoplesoft council europe hacked

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

Apple WWDC 2026 Livestream

nextstep32 ptsapple stream video event live feed

Claude Fable 5

Philpax30 ptsfable claude mythos model models capabilities

US Government directive to suspend access to Fable 5 and Mythos 5

Dylan131224 ptsfable government anthropic jailbreak access mythos

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.