Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day
Published
Key Takeaways
- Breach Confirmed: Nissan Americas disclosed an employee data breach tied to Oracle PeopleSoft zero-day attacks linked to ShinyHunters.
- Vulnerability Exploited: Threat actors exploited CVE-2026-35273 between May 27 and June 9, 2026.
- Scale Reported: Over 300 PeopleSoft instances across 100 organizations were breached.
Nissan has disclosed a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks linked to the ShinyHunters extortion group. Nissan Americas uses Oracle PeopleSoft software to manage employee information, including payroll, tax administration, and other personnel records.
What Employee Data Was Exposed
In breach notifications filed with the California Attorney General's Office, Oracle stated that personnel records of hundreds of companies may have been obtained, with Nissan specifically targeted.
Nissan said it is in the early stages of investigation. However, according to its breach notification documents sent to former and current employees, it believes attackers accessed personal information that may include:
- employee contact details,
- banking information,
- Social Security/Social Insurance/National Identification Numbers,
- financial and tax information,
- dependent/beneficiary information.
The company said it believes the incident may impact current and former employees in the U.S., Canada, Mexico, and Brazil.
How the Oracle PeopleSoft Breach Happened
Threat actors exploited CVE-2026-35273, a zero-day vulnerability in Oracle PeopleSoft PeopleTools, before Oracle released emergency mitigations. Mandiant confirmed that attackers leveraged the flaw as a zero-day in data theft attacks between May 27 and June 9, 2026, primarily affecting the education sector.
ShinyHunters claimed responsibility, stating that over 300 PeopleSoft instances across 100 organizations were breached.
Nissan's Incident Response
Nissan activated its incident response, engaged external cybersecurity experts, secured affected systems, and is working with Oracle to address the issue. The company will offer free credit and dark web monitoring services to affected individuals where available.
As an added precaution, Nissan is restricting access to pay slips and direct deposit changes to company network computers or secured VPN connections.
Early this year, Everest claimed a massive Nissan data breach, with over 100,000 PayPal credentials reportedly leaked. One month earlier, the carmaker apologized after data from 21,000 Nissan customers was exposed in a Red Hat server breach.
Last month, Skoda Auto disclosed an online shop intrusion that may have affected customer data.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular