🟠 High | Source: The Register — Security
Nissan has disclosed a breach of its Oracle PeopleSoft HR and payroll systems, potentially exposing employee Social Security Numbers and payroll records. The intrusion exploited an as-yet-unidentified vulnerability in the PeopleSoft platform. This is a significant incident given the sensitivity of the data involved and the scale of Nissan’s workforce.
Security Architect’s Take: Audit all internet-facing PeopleSoft instances immediately — review patch levels, check for unauthenticated access paths, and validate network segmentation between PeopleSoft and core HR/payroll data stores. If PeopleSoft is hosted on-premises or via Oracle Cloud, ensure privileged access logging and anomaly detection are active and alerts are being reviewed.
Original advisory: Nissan says Oracle PeopleSoft break-in may have spilled payroll records, SSNs