{"id":21701,"date":"2026-06-11T23:55:10","date_gmt":"2026-06-11T23:55:10","guid":{"rendered":"https:\/\/jobuzo.com\/en\/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies\/"},"modified":"2026-06-11T23:55:10","modified_gmt":"2026-06-11T23:55:10","slug":"oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies","status":"publish","type":"post","link":"https:\/\/jobuzo.com\/en\/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies\/","title":{"rendered":"Oracle warns of security bug that hackers abused to breach 100+ companies"},"content":{"rendered":"<div>\n<div><\/div>\n<div readability=\"115.96227747951\">\n<p id=\"speakable-summary\" class=\"wp-block-paragraph\">Oracle warned its corporate customers that there is a critical-rated vulnerability in its PeopleSoft software, which is used by large companies to manage payroll and human resources, a day after a cybercrime group took credit for abusing the flaw as part of a mass-hacking campaign.<\/p>\n<p class=\"wp-block-paragraph\">The company published the security advisory on Thursday after the hacking group ShinyHunters claimed to have breached more than 100 organizations that use PeopleSoft servers.<\/p>\n<p class=\"wp-block-paragraph\">Mandiant, the Google-owned security unit that investigates cyberattacks, warned in a blog post that the new Oracle flaw is the same bug that the ShinyHunters group is abusing in its hacking campaign targeting PeopleSoft customers.&nbsp;<\/p>\n<p class=\"wp-block-paragraph\">Oracle, which has not released a patch for the vulnerability at the time of writing, said in the advisory that the bug can be exploited over the internet without needing any authentication, such as a password.&nbsp;<\/p>\n<p class=\"wp-block-paragraph\">The tech giant recommended that customers who use PeopleSoft software apply its mitigations to prevent exploitation.<\/p>\n<p class=\"wp-block-paragraph\">On Wednesday, a ShinyHunters member told TechCrunch that the gang compromised the companies by abusing an unpatched flaw in PeopleSoft servers. The bug is known as a zero-day because the company affected, in this case Oracle, had no time to fix it before it was discovered and exploited.<\/p>\n<div class=\"internal-linking-related-contents\"><a href=\"https:\/\/jobuzo.com\/en\/12-weeks-jail-for-school-it-support-technician-who-took-upskirt-videos-of-teachers\/\" class=\"template-1\"><span class=\"cta\">News :<\/span><span class=\"postTitle\">&lt;div&gt;12 weeks' jail for school IT support technician who took upskirt videos of teachers&lt;\/div&gt;<\/span><\/a><\/div><p class=\"wp-block-paragraph\">Mandiant confirmed that it has also notified more than &ldquo;100 global organizations,&rdquo; most of them in the United States, in an effort to restrict access to their potentially vulnerable systems. The cybersecurity group said that about two-thirds of these organizations are in higher education, which aligns with what ShinyHunters previously claimed.<\/p>\n<p class=\"wp-block-paragraph\">&ldquo;While several organizations successfully blocked the activity or remediated the vulnerabilities, others experienced compromise, resulting in stolen data being published on the ShinyHunters [Data Leak Website],&rdquo; Mandiant wrote.&nbsp;<\/p>\n<p class=\"wp-block-paragraph\">Oracle did not respond to TechCrunch&rsquo;s request for comment.&nbsp;<\/p>\n<div class=\"article-block block--callout block--right has-green-500-background-color\" readability=\"36.242320819113\">\n<h4 class=\"block--callout__title\">Contact Us<\/h4>\n<p>\t\t\tDo you have more information about this hacking campaign? Or other data breaches? We&rsquo;d love to hear from you. From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.\t\t<\/p><\/div>\n<p class=\"wp-block-paragraph\">The ShinyHunters member told TechCrunch this week that some of the hacked organizations are universities and colleges. <\/p>\n<p class=\"wp-block-paragraph\">The hacker shared a message they said was sent to one of the victim schools, in which the hackers claimed to have stolen &ldquo;hundreds of thousands of student records containing full name, home address, phone, email, date of birth, gender, ethnicity, enrollment status, GPA, major, and student ID across all campuses,&rdquo; among other data.&nbsp;<\/p>\n<div class=\"internal-linking-related-contents\"><a href=\"https:\/\/jobuzo.com\/en\/migrant-acquitted-in-first-trial-over-us-border-military-zones\/\" class=\"template-1\"><span class=\"cta\">News :<\/span><span class=\"postTitle\">Migrant acquitted in first trial over US border military zones<\/span><\/a><\/div><p class=\"wp-block-paragraph\">PeopleSoft, and its customers, are the latest victims in a long series of hacking campaigns where the ShinyHunters gang targeted organizations that all share the same vulnerable software.&nbsp;<\/p>\n<p class=\"wp-block-paragraph\">In the last year, the group targeted several companies that use Salesforce and Gainsight, as well as software provided by education giant Instructure, and among others.&nbsp;<\/p>\n<p class=\"wp-block-paragraph\">Once the hackers identify vulnerable software and companies that use it, they try to steal corporate or customer data and then threaten to release it unless the victims pay a ransom.&nbsp;<\/p>\n<p class=\"wp-block-paragraph\">Earlier this year, education tech company Instructure said it paid the hackers after they breached the company&rsquo;s systems twice. As part of the hacking campaign, ShinyHunters defaced the login pages of several schools that use Instructure&rsquo;s popular school information portal Canvas.<\/p>\n<\/div>\n<p><em>When you purchase through links in our articles, we may earn a small commission. This doesn&rsquo;t affect our editorial independence.<\/em><\/p>\n<\/div>\n<p><sub>Oracle warns of security bug that hackers abused to breach 100+ companies<\/sub><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Oracle warned its corporate customers that there is a critical-rated vulnerability in its PeopleSoft software, which is used by large companies to manage payroll and human resources, a day after a cybercrime group took credit for abusing the flaw as part of a mass-hacking campaign. The company published the security advisory on Thursday after the&#8230;<\/p>\n<p class=\"more-link-wrap\"><a href=\"https:\/\/jobuzo.com\/en\/oracle-warns-of-security-bug-that-hackers-abused-to-breach-100-companies\/\" class=\"more-link\">Read More<span class=\"screen-reader-text\"> &ldquo;Oracle warns of security bug that hackers abused to breach 100+ companies&rdquo;<\/span> &raquo;<\/a><\/p>\n","protected":false},"author":1,"featured_media":21702,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-21701","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/jobuzo.com\/en\/wp-json\/wp\/v2\/posts\/21701","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jobuzo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jobuzo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jobuzo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jobuzo.com\/en\/wp-json\/wp\/v2\/comments?post=21701"}],"version-history":[{"count":0,"href":"https:\/\/jobuzo.com\/en\/wp-json\/wp\/v2\/posts\/21701\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jobuzo.com\/en\/wp-json\/wp\/v2\/media\/21702"}],"wp:attachment":[{"href":"https:\/\/jobuzo.com\/en\/wp-json\/wp\/v2\/media?parent=21701"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jobuzo.com\/en\/wp-json\/wp\/v2\/categories?post=21701"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jobuzo.com\/en\/wp-json\/wp\/v2\/tags?post=21701"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}