As outlined in The Register, Nissan has confirmed that sensitive employee data was compromised following a cyberattack that targeted Oracle's PeopleSoft software. The automaker is among hundreds of companies affected by this security incident.Nissan Americas disclosed in a filing to the California Attorney General that a cyber event involving Oracle's personnel records led to the potential theft of payroll information, bank details, and Social Security numbers. The company believes attackers specifically targeted Nissan after gaining access to a broader dataset affecting numerous organizations. The breach, which occurred between May 27 and June 9, may have exposed personal information of current and former employees across the US, Canada, Mexico, and Brazil. The attack is believed to exploit an unknown vulnerability in Oracle's PeopleSoft software, a situation that has also been linked to the ShinyHunters extortion group.Nissan has initiated its incident response plan, engaged external security specialists, and is cooperating with law enforcement. To mitigate further risks, the company has implemented stricter access controls for payroll information, requiring access from corporate networks or secure VPNs and adding extra identity verification steps.Source: The Register
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
Attack VectorYou can skip this ad in 5 seconds