Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations.
PeopleSoft is an enterprise business software suite used by large organizations to manage business operations such as human resources, payroll, finance, supply chain management, procurement, and student administration.
Yesterday, BleepingComputer learned of widespread data theft attacks targeting both cloud and on-premises Oracle PeopleSoft customer instances.These customers were receiving extortion demands that were signed by the ShinyHunters extortion gang.
Today, the threat actor confirmed to BleepingComputer that they were behind the attacks, claiming to have stolen data from 300 instances across more than 100 organizations.
ShinyHunters says they are using a "gadget chain" of old and zero-day vulnerabilities to conduct the attacks. However, they state that their attack is not working on all systems and believe that exploitation success may depend on how an instance is configured.
