RSS

Nissan says Oracle PeopleSoft break-in may have spilled payroll records, SSNs

Bender1 pts0 comments

Nissan says Oracle PeopleSoft break-in may have spilled payroll records, SSNs

Jump to main content

Search

REG AD

Security

Nissan says Oracle PeopleSoft break-in may have spilled payroll records, SSNs

Carmaker points finger at an 'unknown' flaw as customer fallout continues

Carly Page

Carly<br>Page

Published<br>mon 29 Jun 2026 // 12:14 UTC

Nissan has joined the growing list of Oracle customers cleaning up after a cyberattack, warning employees that payroll records, bank details, Social Security numbers, and other personal data may have been stolen.<br>In a filing submitted to the California Attorney General on Friday, Nissan Americas said Oracle had informed it of "a cyber event" involving the personnel records of "hundreds of companies." The automaker said it later learned Nissan had been "specifically targeted" in the attack.<br>A notification sent to current and former employees, seen by The Register, says the company believes attackers accessed a haul of sensitive info, including contact and banking information; Social Security, Social Insurance, or other national identification numbers; financial and tax records; and dependent and beneficiary details.

REG AD

Current and former employees in the US, Canada, Mexico, and Brazil may have been affected, although Nissan said it is still working to determine exactly whose information was exposed.

REG AD

Nissan said it kicked off its incident response plan after learning of the intrusion, brought in outside security specialists, and has been working with Oracle while keeping law enforcement informed. It plans to offer affected individuals credit or dark web monitoring where available.<br>The company has also put a few extra locks on the payroll office. Employees can now access pay slips or update direct deposit details only from a corporate network or through a secure VPN, while Nissan adds extra identity checks before processing payroll requests.<br>The accompanying employee FAQ pins the incident on "an unknown vulnerability in Oracle's PeopleSoft software" and says the campaign is affecting "hundreds of companies and institutions." The document offers no clue as to what the vulnerability is, whether Oracle has patched it, or whether the compromised PeopleSoft environment was hosted by Oracle or by Nissan itself.<br>The disclosure lands just weeks after researchers linked the ShinyHunters extortion crew to a wave of attacks exploiting a PeopleSoft zero-day. More than 100 organizations and roughly 300 PeopleSoft instances were reportedly compromised before Oracle issued mitigation measures, with the gang claiming to have made off with HR, payroll, and other enterprise data.

MORE CONTEXT

Weak security means attackers could disable all of a city's public EV chargers

US regulator tells GM to hit the brakes on customer tracking

21K Nissan customers' data stolen in Red Hat raid

Porsche panic in Russia as pricey status symbols forget how to car

Oracle has said little publicly about the reported attacks and didn't respond to The Register's questions, even as organizations have continued to disclose being caught in the fallout.<br>Nissan has not confirmed that the incidents are connected, though its California filing lists the breach period as May 27 through June 9, broadly aligning with the previously reported timeline.<br>The carmaker didn't respond to questions about how many current and former employees are affected, when Oracle first notified it of the breach, and whether the compromise was limited to Oracle-managed systems. ®

cybercrime<br>security<br>oracle

REG AD

networks

Microsoft to assist European Commission in defense of EU-US data-sharing agreement

Court says Redmond can file briefs, take part in hearings amid challenge to the current path Big Tech's data spice uses to legally flow

security

AI may be good at finding security vulnerabilities, but it can't beat human stupidity

You don't need Mythos or GPT-5.5-Cyber to find a vuln to exploit when the world's password habits are so sloppy

ZTE released all-in-one FTTR-B solution for SME AI and connectivity at MWC Shanghai 2026

PARTNER CONTENT: • Supporting on-premise local AI large model operation, the solution cuts cloud costs and secures sensitive corporate data for SMEs

SECURITY

Microsoft keeps Windows Server 2022 hotpatching alive into 2027

In the Azure Edition, of course

columnists

Telling internet platforms where to stick public service media will serve nobody. Turn it on its head

Show not tell makes a far finer script

OFFBEAT

Blue Origin insists New Glenn will rise from the ashes this year after explosion deleted launchpad

CEO says reconstruction has begun, though the timetable looks ambitious

MOST POPULAR

systems

Micron locks in historically high memory prices for five years

Channel

Infosys boss says vibe coding is no threat because there’s more to writing software than writing software

Personal tech

India and China are home to 2.9 billion people – and together they bought just 13 million...

oracle nissan security says peoplesoft payroll

Related Articles

(no title)

Risse50 ptstitle

Is AI ruining our skills? Early results are in – and they're not good

Michelangelo1124 ptstools skills during physicians colonoscopies tool

The Anatomy of an AI-Native Org

kiyanwang22 ptstranslated managers business translation language engineering

Apertus – Open Foundation Model for Sovereign AI

T-A16 ptsopen model apertus foundation sovereign fully

Italy's Meloni says Trump 'made up' story that she 'begged' him for photo at G7

root-parent13 ptsmeloni trump italy said italian begged
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.