Skip to content
Tech News
← Back to articles

Nissan discloses employee data breach linked to Oracle zero-day attacks

2026-06-29 | original
read original more articles
Why This Matters

The Nissan data breach highlights the ongoing risks posed by zero-day vulnerabilities in widely used enterprise software like Oracle PeopleSoft. This incident underscores the importance for companies to prioritize cybersecurity measures, especially when handling sensitive employee data, and demonstrates the need for rapid response and transparency in mitigating the impact of such attacks on consumers and employees alike.

Key Takeaways

Nissan is warning that it suffered a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group.

In breach notifications filed with the California Attorney General's Office, Oracle says these data theft attacks impacted hundreds of companies and that Nissan was specifically targeted in the campaign.

"Nissan Americas uses Oracle PeopleSoft software to manage employee information, including payroll, tax administration, and other personnel records," reads the breach notifications.

"Oracle has informed us that there was a cyber event and that the personnel records of hundreds of companies may have been obtained by so-called threat actors. We have since learned that Nissan was specifically targeted in this attack."

Nissan says it is still in the early stages of the investigation and has not yet determined the full impact of the breach, but believes attackers accessed personal information that may include employee contact information, banking information, Social Security numbers, Social Insurance Numbers, National Identification Numbers, financial and tax information, and dependent and beneficiary information.

The incident is believed to impact current and former Nissan employees in the United States, Canada, Mexico, and Brazil.

Nissan says it activated its incident response after learning it had suffered a data breach, engaged external cybersecurity experts, secured affected systems, and is working with Oracle to address the issue.

The company says it also took steps to end unauthorized access and prevent further disclosure of employee information and will offer free credit and dark web monitoring services to affected individuals where available.

As an additional precaution, Nissan says it is restricting access to employee pay slips and direct deposit changes to company network computers or secured VPN connections while it implements additional identity verification measures before processing payroll requests.

The automaker says that employees whose information is ultimately determined to have been exposed will receive additional notifications detailing what data was impacted.

... continue reading

Explore topics: nissan oracle peoplessoft shinyhunters data breach
Related:
Vulnerabilities Expose Private Data in Indian Government Systems
NAIC says public data stolen in ShinyHunters' PeopleSoft breach
Hackers now exploit critical Oracle E-Business flaw in attacks
25 years ago, this scene from Steven Spielberg’s ‘A.I.’ predicted the collapse of objective reality
Oracle stock has worst week since 2001 dot-com bust as AI financing concerns escalate

© 2026 GoKawiil

About | Editorial Policy | Contact