Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations

In Brief

The notorious cybercrime radical ShinyHunters claimed to person hacked Oracle PeopleSoft servers astatine much than 100 organizations, galore of them universities, a ShinyHunters subordinate told TechCrunch connected Wednesday. The breaches were first reported by BleepingComputer.

PeopleSoft is endeavor bundle designed to negociate payroll, quality resources, administration, and different concern operations. 

The quality shows that contempt being 1 of the astir disposable and prolific cybercrime groups astatine the moment, ShinyHunters is not slowing down, and has turned wide hacks into its specialty. The group’s modus operandi is to find a vulnerability successful a fashionable portion of bundle truthful that they tin compromise galore victims astatine once.

“Student, applicant, fiscal aid, immigration, health, and administrative information has been exfiltrated,” work a connection that the hacker said was sent to 1 of the victims. The hackers claimed to person stolen pupil records that see location addresses, telephone numbers, emails, and dates of birth. 

The hacker added that astir of the targeted schools had already been compromised successful earlier, unrelated campaigns.

The group’s archetypal goal, the subordinate said, was to compromise an FBI PeopleSoft server — the extremity being to station a connection denying ShinyHunters was down a question of swatting attempts the FBI flagged successful an alert past month. The subordinate said that effort failed.

Oracle did not respond to a petition for comment. 

Subscribe for the industry’s biggest tech news