356/69 Wednesday, July 1, 2026

Nissan Americas has disclosed a data breach affecting current and former employees after being notified that attackers had exploited a vulnerability in Oracle PeopleSoft to steal data from multiple organizations. Nissan Americas uses Oracle PeopleSoft to manage employee information, including payroll, tax, and other personnel data. Oracle stated that the incident may have allowed threat actors to access personnel data from hundreds of companies, and Nissan was later identified as one of the organizations directly targeted in the attack.
Nissan Americas stated that the investigation is still ongoing and that the full impact has not yet been determined. However, the company assessed that attackers may have accessed employees’ personal information, such as contact details, bank account information, Social Security numbers, Social Insurance numbers, national identification numbers, financial and tax information, and beneficiary information. The incident is expected to affect current and former Nissan employees in the United States, Canada, Mexico, and Brazil. The company has responded to the incident by engaging external cybersecurity experts to work with Oracle on remediation.
The incident is linked to the exploitation of a zero-day vulnerability in Oracle PeopleSoft, which has reportedly been used to steal data from multiple organizations and is associated with the ShinyHunters extortion group. Oracle later disclosed a critical vulnerability in Oracle PeopleSoft PeopleTools, tracked as CVE-2026-35273, and released emergency mitigation measures. Mandiant confirmed that the vulnerability was exploited between May 27 and June 9, 2026, and has notified more than 100 organizations. Nissan stated that it has terminated the unauthorized access, taken steps to prevent further data exposure, and will provide free credit monitoring and dark web monitoring services to affected individuals. The company has also restricted access to pay stubs and direct deposit changes so that they can only be made through devices on the company network or a secure VPN.
