Excerpt from BleepingComputer, Published on June 29, 2026

The Nissan cyber breach has drawn industry attention after Nissan confirmed that current and former employees were affected by a cybersecurity incident tied to the exploitation of an Oracle PeopleSoft vulnerability. The disclosure followed breach notifications filed with the California Attorney General’s Office, in which Oracle stated that the data theft attacks impacted hundreds of companies and that Nissan was specifically targeted in the campaign.

According to BleepingComputer, Nissan Americas relies on Oracle PeopleSoft software to manage employee information, including payroll, tax administration, and other personnel records. Nissan believes attackers accessed personal information that may include employee contact details, banking information, Social Security numbers, Social Insurance Numbers, National Identification Numbers, financial and tax information, and dependent and beneficiary records. The incident is believed to affect current and former employees in the United States, Canada, Mexico, and Brazil.

Nissan stated that it activated its incident response protocols upon learning of the breach, engaged external cybersecurity experts, secured affected systems, and is working with Oracle to address the issue. The company indicated that it has taken steps to end unauthorized access and prevent further disclosure of employee information, and will offer free credit and dark web monitoring services to affected individuals where available. As an additional precaution, Nissan is restricting access to employee pay slips and direct deposit changes to company network or secured VPN connections while implementing further identity verification measures for payroll requests.

The breach has been linked to a broader campaign of attacks exploiting a zero-day vulnerability in Oracle PeopleSoft PeopleTools, tracked as CVE-2026-35273. The extortion group ShinyHunters claimed responsibility for the attacks, alleging that over 300 PeopleSoft instances across 100 organizations were breached. Mandiant later confirmed that the vulnerability was actively exploited as a zero-day between May 27 and June 9, with the campaign primarily affecting organizations in the education sector, including Nottingham University and the National Association of Insurance Commissioners (NAIC), both of which have had data leaked on ShinyHunters’ data leak site.

The incident has renewed concerns about the security of widely used enterprise HR and payroll platforms, as well as the broader risks posed by third-party software vulnerabilities. As investigations continue, the full scope of the Nissan cyber breach, including which employees and what categories of data were ultimately exposed, remains under review.

For additional details, visit BleepingComputer.

Schedule A Meeting