A fresh wave of cyberattacks has put organizations using Oracle PeopleSoft software on high alert after the notorious hacking group ShinyHunters claimed responsibility for stealing data from more than 100 institutions worldwide.

According to cybersecurity reports, the attackers targeted both cloud-based and on-premises Oracle PeopleSoft environments. The campaign is believed to have affected hundreds of server instances, raising concerns among enterprises, educational institutions, and organizations that rely on the platform for critical operations.

What Is Oracle PeopleSoft?

Oracle PeopleSoft is a widely used enterprise software suite that helps organizations manage key business functions, including human resources, payroll, finance, procurement, supply chain operations, and student administration.

Because of its extensive use among universities and large corporations, any security breach involving the platform has the potential to expose highly sensitive information related to employees, students, and institutional records.

Hackers Claim Extensive Data Theft

The ShinyHunters cybercrime group reportedly claimed that it had compromised approximately 300 PeopleSoft instances across more than 100 organizations. The attackers allegedly exploited a combination of older vulnerabilities and previously unknown flaws to gain access to targeted systems.

Security experts noted that the success of the attacks may depend on how individual PeopleSoft deployments are configured, meaning not all systems are equally vulnerable.

Education Sector Among Major Targets

Reports suggest that universities and educational institutions are among the sectors most heavily affected by the campaign. Sensitive records related to students, faculty members, and administrative operations could potentially be at risk if the attackers’ claims are confirmed.

Authorities and affected organizations are continuing to assess the extent of the breaches and determine whether any data has been exposed.

Who Are ShinyHunters?

ShinyHunters is a well-known cybercrime group that has been associated with several major data breaches over the years. The group is known for stealing sensitive information and using it for extortion or public exposure.

Cybersecurity agencies worldwide have repeatedly warned organizations about the increasing sophistication of such attacks, which often combine technical exploits with social engineering methods.

Investigation and Response Underway

As investigations continue, organizations using Oracle PeopleSoft are being advised to review their security configurations, install the latest updates, and monitor systems for suspicious activity.

Experts recommend strengthening authentication measures, conducting regular security audits, and maintaining timely patch management to reduce the risk posed by emerging cyber threats.

The overall impact of the campaign remains under investigation, and further details are expected as affected organizations complete their assessments.