Nissan employee data leak via Oracle PeopleSoft zero-day
Data Leak
Summary
Hide ▲
Show ▼
Nissan disclosed a data leak affecting current and former employees after attackers exploited Oracle PeopleSoft, exposing sensitive payroll and identity records across multiple countries. The exposure may include Social Security numbers, banking details, tax records, and national identification numbers, making the event a significant privacy and fraud risk. Nissan said the breach was tied to a May 27 to June 9 attack window and that affected staff span the US, Canada, Mexico, and Brazil.
Related Happenings
Nissan hit by network compromise
Incident
H score48
First: 29.06.2026 23:40
Last: 29.06.2026 23:40
Sources 1
How related:
Nissan has disclosed that current and former employees may have had sensitive personal data stolen, including Social Security numbers, banking details and tax records, after attackers exploited a zero-day flaw in Oracle's PeopleSoft software.
About this happening:
**Nissan** disclosed a **data breach** affecting **current and former employees** after unauthorized access tied to **Oracle PeopleSoft** exploitation put personnel records at ris...
Nissan hit by network compromise
IncidentHow related: Nissan has disclosed that current and former employees may have had sensitive personal data stolen, including Social Security numbers, banking details and tax records, after attackers exploited a zero-day flaw in Oracle's PeopleSoft software.
About this happening: **Nissan** disclosed a **data breach** affecting **current and former employees** after unauthorized access tied to **Oracle PeopleSoft** exploitation put personnel records at ris...
ShinyHunters Oracle PeopleSoft data theft and extortion campaign
Campaign
H score60
First: 10.06.2026 21:31
Last: 10.06.2026 21:31
Sources 1
How related:
The flaw, tracked as CVE-2026-35273, is a critical remote code execution bug that attackers exploited as a zero-day. The wider campaign has been linked to the ShinyHunters extortion group, which claimed to have hit more than 100 organizations, mostly universities.
About this happening:
**ShinyHunters**/**UNC6240** used **CVE-2026-35273** in **Oracle PeopleSoft Enterprise PeopleTools** as a **zero-day** to break into exposed systems, steal data, and extort victim...
ShinyHunters Oracle PeopleSoft data theft and extortion campaign
CampaignHow related: The flaw, tracked as CVE-2026-35273, is a critical remote code execution bug that attackers exploited as a zero-day. The wider campaign has been linked to the ShinyHunters extortion group, which claimed to have hit more than 100 organizations, mostly universities.
About this happening: **ShinyHunters**/**UNC6240** used **CVE-2026-35273** in **Oracle PeopleSoft Enterprise PeopleTools** as a **zero-day** to break into exposed systems, steal data, and extort victim...
Latest development: 29.06.2026 23:40
Nissan says attackers exploited an Oracle PeopleSoft vulnerability in a ShinyHunters-linked campaign and that the company was specifically targeted, with personal information for current and former employees in the United States, Canada, Mexico, and Brazil potentially exposed. Nissan says the material may include employee contact information, banking information, Social Security numbers, Social Insurance Numbers, National Identification Numbers, financial and tax information, and dependent and beneficiary information, and the company has activated incident response, engaged external cybersecurity experts, secured affected systems, and is working with Oracle.
DentaQuest 2.6 million-account data leak
Data Leak
H score65
First: 04.06.2026 21:36
Last: 04.06.2026 21:36
Sources 1
About this happening:
**DentaQuest**'s **public leak** exposed records for **2.6 million accounts**, putting **personal and health-related data** at risk. The leak followed **ShinyHunters**' claim to h...
DentaQuest 2.6 million-account data leak
Data LeakAbout this happening: **DentaQuest**'s **public leak** exposed records for **2.6 million accounts**, putting **personal and health-related data** at risk. The leak followed **ShinyHunters**' claim to h...
Carnival Corporation customer data leak
Data Leak
H score60
First: 28.05.2026 13:49
Last: 28.05.2026 13:49
Sources 1
About this happening:
**Carnival Corporation** confirmed a **customer data leak** that exposed personal information for **5,995,277 people**, making this a large-scale privacy and identity-risk event....
Carnival Corporation customer data leak
Data LeakAbout this happening: **Carnival Corporation** confirmed a **customer data leak** that exposed personal information for **5,995,277 people**, making this a large-scale privacy and identity-risk event....
HackerOne employee and dependent data leak after Navia breach
Data Leak
H score27
First: 24.03.2026 16:01
Last: 24.03.2026 16:01
Sources 1
About this happening:
HackerOne disclosed that **sensitive employee and dependent data** was exposed after attackers accessed **Navia** through a **Broken Object Level Authorization (BOLA) vulnerabilit...
HackerOne employee and dependent data leak after Navia breach
Data LeakAbout this happening: HackerOne disclosed that **sensitive employee and dependent data** was exposed after attackers accessed **Navia** through a **Broken Object Level Authorization (BOLA) vulnerabilit...
Timeline
-
30.06.2026 19:00 2 articles · 1h ago
Nissan discloses employee data theft after Oracle PeopleSoft zero-day exploitation
Initial DisclosureNissan said attackers exploited CVE-2026-35273 in Oracle PeopleSoft to steal sensitive payroll and identity data from current and former employees, with the breach notification published on June 26 and the attack window placed between May 27 and June 9. The exposed information may include Social Security numbers, national identification numbers, banking details, tax records, and dependent or beneficiary information for staff in the US, Canada, Mexico, and Brazil, and Nissan said it had secured its systems, restricted payroll access, and added extra identity checks.
Show sources
- Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day — www.infosecurity-magazine.com — 30.06.2026 19:00
- Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day — www.infosecurity-magazine.com — 30.06.2026 19:00