The hacking group ShinyHunters has breached the Council of Europe by exploiting vulnerabilities in Oracle PeopleSoft, the enterprise HR and administrative software used by many large organisations. The attack also affected Nottingham University and over 100 other unnamed victims, suggesting a widespread, opportunistic campaign targeting PeopleSoft deployments. The breach raises serious concerns about the exposure of sensitive personnel and organisational data held within ERP systems.

Security Architect’s Take: Audit all internet-facing PeopleSoft instances immediately — ensure they are patched to the latest Oracle CPU release, restrict access via IP allowlisting or VPN, and review whether PeopleSoft admin interfaces are unnecessarily exposed to the public internet. If PeopleSoft is hosted on cloud infrastructure, validate that security groups and network ACLs limit exposure appropriately.

Original advisory: Council of Europe hacked in ShinyHunters’ PeopleSoft heist