Nissan says a data breach exposed current and former employee information after attackers exploited an Oracle PeopleSoft vulnerability in theft attacks linked to ShinyHunters. The incident may have affected employees in the United States, Canada, Mexico, and Brazil, while Oracle and Mandiant have confirmed widespread exploitation of CVE-2026-35273 across hundreds of organizations. #Nissan #OraclePeopleSoft #ShinyHunters #CVE-2026-35273
Keypoints
- Nissan says threat actors accessed employee records through an Oracle PeopleSoft vulnerability.
- The breach may involve contact details, banking data, Social Security numbers, and tax information.
- The incident appears linked to ShinyHunters data theft attacks against PeopleSoft systems.
- Oracle and Mandiant reported that CVE-2026-35273 was exploited as a zero-day.
- Nissan has secured affected systems and is offering credit and dark web monitoring where available.