Nissan discloses employee data breach linked to Oracle zero-day attacks

Nissan is warning that it suffered a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group. [...]
The continuous evolution of cyber threats and the discovery of zero-day vulnerabilities in widely used enterprise software like Oracle PeopleSoft create persistent opportunities for data breaches.
This incident highlights the ongoing vulnerability of corporate data to sophisticated cyberattacks, especially those exploiting zero-day flaws in critical, widely deployed enterprise systems.
Companies using Oracle PeopleSoft will likely prioritize patching and security audits more aggressively, while awareness of supply chain vulnerabilities in enterprise software will increase.
- · Cybersecurity firms
- · Security consultants
- · Patch management solution providers
- · Nissan
- · Oracle
- · Organizations relying on legacy enterprise software
Nissan faces immediate reputational damage and potential regulatory fines along with costs for remediation.
Other companies using Oracle PeopleSoft will likely conduct urgent vulnerability assessments and expedite patching efforts.
Increased scrutiny and demand for enhanced security features will be placed on enterprise software vendors, potentially leading to more secure by design approaches.
This signal links to a primary source. Continuum Brief monitors and indexes it as part of the live intelligence stream — we do not republish source content.
Read at BleepingComputer