ShinyHunters claims breach of Oracle PeopleSoft servers at over 100 organizations

The notorious cybercrime group ShinyHunters claimed to have hacked Oracle PeopleSoft servers at more than 100 organizations, many of them universities, a ShinyHunters member told TechCrunch on Wednesday. The breaches were first reported by BleepingComputer. PeopleSoft is enterprise software designed to manage payroll, human resources, administration, and other business operations.

The news shows that despite being one of the most visible and prolific cybercrime groups at the moment, ShinyHunters is not slowing down and has turned mass hacks into its specialty. The group’s modus operandi is to find a vulnerability in a popular piece of software so that they can compromise many victims at once. “Student, applicant, financial aid, immigration, health, and administrative data has been exfiltrated,” read a message that the hacker said was sent to one of the victims.

The hackers claimed to have stolen student records that include home addresses, phone numbers, emails, and dates of birth. The hacker added that most of the targeted schools had already been compromised in earlier, unrelated campaigns. The group’s original goal, the member said, was to compromise an FBI PeopleSoft server — the goal being to post a statement denying ShinyHunters was behind a wave of swatting attempts the FBI flagged in an alert last month.

The member said that attempt failed. Oracle did not respond to a request for comment. Why this matters: The ShinyHunters' breach of Oracle PeopleSoft servers at over 100 organizations highlights the growing threat of mass hacks targeting vulnerabilities in popular software.

The fact that many of the targeted organizations are universities raises concerns about the security of sensitive student data. This incident also underscores the challenges of protecting against cybercrime groups that have turned mass hacks into their specialty. As ShinyHunters continues to evolve and adapt, businesses and organizations must remain vigilant and prioritize robust security measures to prevent similar breaches.

The incident also raises questions about the effectiveness of current security measures in place at universities and other organizations using PeopleSoft, and whether Oracle needs to take additional steps to support its customers in preventing such breaches.