In brief: ShinyHunters is conducting targeted data thefts against Oracle PeopleSoft infrastructure, threatening hundreds of organizations.
The extortion group ShinyHunters is targeting Oracle PeopleSoft servers and claims to have stolen data from over 100 organizations. Ongoing attacks are impacting companies regardless of their size.
The extortion group ShinyHunters is currently being attributed to coordinated attacks on Oracle PeopleSoft systems. According to the group’s own statements, it has already exfiltrated data from over 100 organizations. PeopleSoft is a widely deployed enterprise resource planning system (ERP) used by organizations to manage business operations, human resources, and finance.
The affected organizations span various industries and sizes. This campaign is relevant for CISOs because PeopleSoft implementations typically contain sensitive business and personnel data that, if compromised, can cause significant compliance and reputational damage.
Security teams should examine PeopleSoft systems for indicators of compromise, particularly unauthorized access, data exfiltration, and suspicious administrative activities. In parallel, it is recommended to review access controls, segmentation, and monitoring capabilities for these critical systems.
Source: www.bleepingcomputer.com · Published 10 June 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.6.5.