Nissan Data Breach Exposes Employee Records via Oracle Vulnerability

Nissan disclosed a data breach affecting current and former employees after attackers exploited a critical vulnerability in Oracle PeopleSoft, specifically CVE-2026-35273. This breach potentially exposed sensitive information, including Social Security numbers, banking details, and payroll records, impacting employees in the U.S., Canada, Mexico, and Brazil. The ShinyHunters extortion group is believed to be behind the attack, which affected hundreds of organizations globally. Nissan activated its incident response plan, engaged cybersecurity experts, and is collaborating with Oracle to mitigate the issue. The company is offering credit and dark web monitoring services to affected individuals. As of now, Nissan has not disclosed the total number of impacted employees or the specific timeline of the breach.

Key Points: • Nissan's data breach affects current and former employees across multiple countries. • The breach is linked to CVE-2026-35273, a critical vulnerability in Oracle PeopleSoft. • ShinyHunters extortion group is believed to be responsible for the attack.